Stars
Automatic SQL injection and database takeover tool
An interactive Docker client that lets you list containers and run commands via either a Unix socket or a remote HTTP(S) endpoint.
CVE-2025-3969: Exploit PoC (OS CMD injection, Web Shell, Interactive Shell)
Detecting leaked secrets, API keys, credentials, and sensitive files from public repositories in near real-time using the GitHub Events API
A curated list of awesome GraphQL Security frameworks, libraries, software and resources
Extract URLs, paths, secrets, and other interesting bits from JavaScript
A collection of useful resources for hacking WordPress and it's plugins and themes
A Firefox Web Extension to improve the discovery of DOM XSS.
Make BASH stealthy and hacker friendly with lots of bash functions
MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.
Chocapikk / CipherBuster
Forked from Christbowel/CipherBusterOutil d'analyse et d'exploitation des vulnérabilités des implémentations RSA, avec techniques d'attaque automatisées et avancées
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Th…
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
The FLARE team's open-source tool to identify capabilities in executable files.
List of Directory Traversal/LFI Payloads Scraped from the Internet
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh