The pattern matching swiss knife

Various Tools and Docker Images

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Driver for the Pimoroni HyperPixel 4.0" Touchscreen Display

Building the Perfect Rails 5 API Only App & Documenting Rails-based REST API using Swagger UI

A collection of scripts, and tips and tricks for hacking k8s clusters and containers.

Cyberdelia, a Collection of Command and Control frameworks

Six Degrees of Domain Admin

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…

A Simple Unix-like operating system

Docker hosts and containers monitoring with Prometheus, Grafana, cAdvisor, NodeExporter and AlertManager

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Enumerate and test Logitech wireless input devices for vulnerabilities with a nRF52840 radio dongle.

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A tool for embedding XXE/XML exploits into different filetypes

A laboratory for learning secure web and mobile development in a practical manner.

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Daemon to ban hosts that cause multiple authentication errors

Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios

A container analysis and exploitation tool for pentesters and engineers.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Some setup scripts for security research tools.

This repository holds all the list of advanced XSS payloads that can be used in penetration testing. These payloads can be loaded into XSS scanners as well.

IEEE 802.15.4/ZigBee Security Research Toolkit

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.