Stars
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
A free open source IT asset/license management system
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.
SQLI labs to test error based, Blind boolean based, Time based.
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
Collection of CTF Web challenges I made
FruityWiFi is a wireless network auditing tool. The application can be installed in any Debian based system (Jessie) adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspber…
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container
RIPS - A static source code analyser for vulnerabilities in PHP scripts
The project’s primary goals consist of: A robust and effective web based online banking system. Extending functionality without compromising the security. Personal banking services that gives you c…
A training CTF covering non-blind SQL injection techniques
Package created to standardize all services for solving captcha. Each service has its own features and now You will have to look at the documentation for the specific service to do everything right…