Stars
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
PHP Static Analysis Tool - discover bugs in your code without running it!
The PHP deployment tool with support for popular frameworks out of the box
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
A curated list of resources for learning about application security
A great looking and easy-to-use photo-management-system you can run on your server, to manage and share photos.
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
A modern Docker LAMP stack and MEAN stack for local development
All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
Scotch Box is a preconfigured Vagrant Box with a full array of LAMP Stack features to get you up and running with Vagrant in no time.
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
FruityWiFi is a wireless network auditing tool. The application can be installed in any Debian based system (Jessie) adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspber…
AWSGoat : A Damn Vulnerable AWS Infrastructure
Hashtopolis - distributed password cracking with Hashcat
Detect potentially malicious PHP files
FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
Unified sample web app. The easy way to learn web frameworks.
A semi-interactive PHP shell compressed into a single file.
A laboratory for learning secure web and mobile development in a practical manner.