The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

ZeroNet - Decentralized websites using Bitcoin crypto and BitTorrent network

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

Community curated list of templates for the nuclei engine to find security vulnerabilities.

A curated list of CTF frameworks, libraries, resources and softwares

The Browser Exploitation Framework Project

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

System monitoring dashboard for terminal

Program for determining types of files for Windows, Linux and MacOS.

WebGoat is a deliberately insecure application

JavaScript parser / mangler / compressor / beautifier library for NodeJS

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

KCon is a famous Hacker Con powered by Knownsec Team.

P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Ap…

Wow such top. So stats. More better than regular top.

A collaborative, multi-platform, red teaming framework

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

Pentest Report Generator

UFONet - Denial of Service Toolkit

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

XSS'OR - Hack with JavaScript.

Binary instrumentation framework based on FRIDA

Reverse Shell as a Service

Frida scripts to rewrite mobile applications at runtime to directly MitM all HTTPS traffic

A "zooming" presentation editor