Stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
Python SDK, Proxy Server (AI Gateway) to call 100+ LLM APIs in OpenAI (or native) format, with cost tracking, guardrails, loadbalancing and logging. [Bedrock, Azure, OpenAI, VertexAI, Cohere, Anthr…
Automatic SQL injection and database takeover tool
Distributed Task Queue (development branch)
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Incredibly fast crawler designed for OSINT.
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
A tool that automatically formats Python code to conform to the PEP 8 style guide.
Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
Intercept HTTP requests at the Python socket level. Fakes the whole socket module
A pentest reporting tool written in Python. Free yourself from Microsoft Word.
flipper zero goodies [intercom_keys][scripts]
Python decompiler for 3.7-3.8 Stripped down from uncompyle6 so we can refactor and start to fix up some long-standing problems
Scripts I use during pentest engagements.
Patch Binaries via MITM: BackdoorFactory + mitmProxy.
sophisticated automated test library and runner
Modernizes Python code for eventual Python 3 migration. Build on top of 2to3