Starred repositories
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readines…
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens
Scanning APK file for URIs, endpoints & secrets.
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
Tool to look for several security related Android application vulnerabilities
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
A Python program to scrape secrets from GitHub through usage of a large repository of dorks.
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
XSS spider - 66/66 wavsep XSS detected
Codebase to generate an msdt-follina payload