Stars
Packet Hack Village Hack in the Box 2021 Badge code
Community curated list of templates for the nuclei engine to find security vulnerabilities.
chroot based kernel level jailbreak detection bypass.
Go client to communicate with Chaos DB API.
XSS spider - 66/66 wavsep XSS detected
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…
Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, …
Fast passive subdomain enumeration tool.
Find domains and subdomains related to a given domain
Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
🔥 Web-application firewalls (WAFs) from security standpoint.
A Python program to scrape secrets from GitHub through usage of a large repository of dorks.
A tool for reverse engineering Android apk files
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Gospider - Fast web spider written in Go
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.