Lists (6)
Stars
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
A cross-platform python based utility to download courses from udemy for personal offline use.
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
All about bug bounty (bypasses, payloads, and etc)
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!
The fastest way to create an HTML app
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Adversary simulation and Red teaming platform with AI
An NFC research toolkit application for Android
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)
[NOT MAINTAINED] This script creates a NATed or Bridged WiFi Access Point.
Android Remote Administration Tool
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
This is Advance Phishing Tool ! OTP PHISHING
Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication