Your gateway to OWASP. Discover, engage, and help shape the future!

OWASP Foundation web repository

A highly customizable Changelog Generator that follows Conventional Commit specifications ⛰️

Open-source web platform used to create live reporting dashboards from APIs, MongoDB, Firestore, MySQL, PostgreSQL, and more 📈📊

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.

Active Directory and Internal Pentest Cheatsheets

🕵️‍♂️ Offensive Google framework.

Iceman Fork - Proxmark3

The Faction Burp Suite Extension

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

User, contributor and developer friendly vulnerability database

Example Faction Plugin to Send Issus to Jira.

Maven Repo Used for Extending Faction.

Pen Test Report Generation and Assessment Collaboration

Timestomp Tool to flatten MAC times with a specific timestamp

A tool that helps you easy trace classes, functions, and modify the return values of methods on iOS platform

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Bruteforce database

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

This tool is used to install `pyenv` and friends.

Multiplexing proxy for Chrome DevTools. Fully compatible with Selenium and ChromeDriver

Auto Scanning to SSL Vulnerability