A tool for writing better scripts

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

Community curated list of templates for the nuclei engine to find security vulnerabilities.

OSINT Framework

WebGoat is a deliberately insecure application

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

Tunneling Internet traffic over Whatsapp

Find broken links, missing images, etc within your HTML.

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.

PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.

An open source threat modeling tool from OWASP

Next-gen BurpSuite penetration testing tool

Collection of useful FRIDA Mobile Scripts

A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily replace the variables with content. Data is saved temporarily i…

This extension will help you to detect GET/POST based XSS vulnerability in any website easily

Git index file parser, using python3

Never forget where you inject.

[WIP] Simple mobile applications sandbox file browser tool. Powered with [frida.re](https://www.frida.re).

This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)