Stars
🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Driver for the Pimoroni HyperPixel 4.0" Touchscreen Display
Building the Perfect Rails 5 API Only App & Documenting Rails-based REST API using Swagger UI
A collection of scripts, and tips and tricks for hacking k8s clusters and containers.
Cyberdelia, a Collection of Command and Control frameworks
Six Degrees of Domain Admin
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…
Docker hosts and containers monitoring with Prometheus, Grafana, cAdvisor, NodeExporter and AlertManager
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Enumerate and test Logitech wireless input devices for vulnerabilities with a nRF52840 radio dongle.
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A tool for embedding XXE/XML exploits into different filetypes
A laboratory for learning secure web and mobile development in a practical manner.
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Daemon to ban hosts that cause multiple authentication errors
Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
A container analysis and exploitation tool for pentesters and engineers.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Some setup scripts for security research tools.
This repository holds all the list of advanced XSS payloads that can be used in penetration testing. These payloads can be loaded into XSS scanners as well.
BastilleResearch / killerbee
Forked from riverloopsec/killerbeeIEEE 802.15.4/ZigBee Security Research Toolkit
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]
The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.