C0rm4cs

C0rm4cs C0rm4cs

Starred repositories

49 stars written in PHP

danielmiessler / SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

PHP 66,730 24,750 Updated Nov 5, 2025

PHPMailer / PHPMailer

The classic email sending library for PHP

PHP 21,879 9,870 Updated Nov 5, 2025

digininja / DVWA

Damn Vulnerable Web Application (DVWA)

PHP 12,090 4,335 Updated Oct 14, 2025

tennc / webshell

This is a webshell open source project

PHP 10,583 5,610 Updated Dec 24, 2024

fuzzdb-project / fuzzdb

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

PHP 8,721 2,117 Updated Nov 10, 2023

paragonie / awesome-appsec

A curated list of resources for learning about application security

PHP 6,707 768 Updated Feb 22, 2025

Audi-1 / sqli-labs

SQLI labs to test error based, Blind boolean based, Time based.

PHP 5,619 1,549 Updated Dec 11, 2023

ambionics / phpggc

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

PHP 3,635 533 Updated Sep 29, 2025

osTicket / osTicket

The osTicket open source ticketing system official project repository, for versions 1.8 and later

PHP 3,582 1,771 Updated Feb 4, 2025

Tuhinshubhra / RED_HAWK

All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers

PHP 3,443 915 Updated Jul 31, 2024

orangetw / My-CTF-Web-Challenges

Collection of CTF Web challenges I made

PHP 2,792 481 Updated Aug 31, 2025

flozz / p0wny-shell

Single-file PHP shell

PHP 2,602 674 Updated Aug 11, 2025

pentestmonkey / php-reverse-shell

PHP 2,602 1,872 Updated Aug 7, 2024

bartblaze / PHP-backdoors

A collection of PHP backdoors. For educational or testing purposes only.

PHP 2,247 471 Updated Mar 9, 2024

xl7dev / WebShell

Webshell && Backdoor Collection

PHP 1,950 1,037 Updated Apr 6, 2020

ine-labs / AWSGoat

AWSGoat : A Damn Vulnerable AWS Infrastructure

PHP 1,935 1,387 Updated May 20, 2025

JohnTroony / php-webshells

Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!

PHP 1,924 780 Updated Mar 3, 2021

evilc0deooo / PentesterSpecialDict

构建优化高效的渗透 fuzz 字典合集

PHP 1,854 334 Updated Jun 17, 2025

mm0r1 / exploits

Pwn stuff.

PHP 1,804 389 Updated May 31, 2022

pk-fr / yakpro-po

YAK Pro - Php Obfuscator

PHP 1,470 394 Updated Sep 11, 2025

webpwnized / mutillidae

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, s…

PHP 1,428 506 Updated Aug 3, 2025

Raikia / FiercePhish

FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.

PHP 1,386 256 Updated Jan 9, 2024

BlackArch / webshells

Various webshells. We accept pull requests for additions to this collection.

PHP 983 345 Updated Oct 4, 2023

googleinurl / SCANNER-INURLBR

Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.

PHP 877 402 Updated Apr 9, 2021

pentestgeek / phishing-frenzy

Ruby on Rails Phishing Framework

PHP 868 316 Updated Nov 7, 2023

mattiasgeniar / php-exploit-scripts

A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.

PHP 852 232 Updated Feb 26, 2024