The library for web and native user interfaces.

JavaScript Style Guide

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

VNC client web application

JavaScript Regular expressions made easy

Community curated list of templates for the nuclei engine to find security vulnerabilities.

The Browser Exploitation Framework Project

Reverse engineering WhatsApp Web.

Cuckoo Sandbox is an automated dynamic malware analysis system

AI for the Command Line

A small library for manipulating the favicon, in particular adding alert bubbles and changing images.

Produces persistent, respawning "super" cookies in a browser, abusing over a dozen techniques. Its goal is to identify users after they've removed standard cookies and other privacy data such as Fl…

pull decrypted ipa from jailbreak device

OS X Auditor is a free Mac OS X computer forensics tool

FOAAS (Fuck Off As A Service) provides a modern, RESTful, scalable solution to the common problem of telling people to fuck off.

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

Pentest Report Generator

UFONet - Denial of Service Toolkit

Test tech job posts for issues with sexism, culture, expectations, and recruiter fails.

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

[deprecated] Yet another frida based iOS dumpdecrypted. Also decrypts app extensions

A playable post on how harmless choices can make a harmful world.

Point & click to forbid/allow any class of requests made by your browser. Use it to block scripts, iframes, ads, facebook, etc.

Simple HS256, HS384 & HS512 JWT token brute force cracker.

A minimalist, opensource online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.

Ultrasonic Networking with the Web Audio API

db.js is a wrapper for IndexedDB to make it easier to work against

Semantic client-side device detection with Media Queries

Transform any javascript code to an equivalent sequence of ()[]{}!+ characters that runs in the browser!

An agile, distributed, and secure alternative to the Certificate Authority system.