Test files of multiple types that can be used to deliver executable payloads.

Offensive Software Exploitation Course

🖊 A gtk3 markdown editor

Find, verify, and analyze leaked credentials

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

This tool use fuuzzing to try to bypass unknown authentication methods, who knows...

A simple script just made for self use for bypassing 403

E-mails, subdomains and names Harvester - OSINT

XSS spider - 66/66 wavsep XSS detected

Web Attack Cheat Sheet

Repository for the LinkScope Client software.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Tools for fingerprinting and exploiting Amazon cloud infrastructures

Starting Point

Work in progress...

Work in progress...

Work in progress...

Commands used in Windows penetration tests

Hacking Artifactory with server side template injection

Notes about attacking Jenkins servers

A python script to help process the output from xsscrapy and remove duplicate vulnerabilities

Utility program to perform multiple operations for a given subnet/CIDR ranges.

Open Source Package Analysis

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Greenshot for Windows - for more information look here:

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

📚 Freely available programming books