real time face swap and one-click video deepfake with only a single image

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

The Python programming language

Deepfakes Software For All

A simple, yet elegant, HTTP library.

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

Automatic SQL injection and database takeover tool

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

A next generation HTTP client for Python. 🦋

Most advanced XSS scanner.

The Rogue Access Point Framework

Web path scanner

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA…

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

Incredibly fast crawler designed for OSINT.

fsociety Hacking Tools Pack – A Penetration Testing Framework

A command-line productivity tool powered by AI large language models like GPT-4, will help you accomplish your tasks faster and more efficiently.

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

A swiss army knife for pentesting networks

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

HTTP parameter discovery suite.

Reverse engineering and pentesting for Android applications

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

Scanning APK file for URIs, endpoints & secrets.

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

IntelOwl: manage your Threat Intelligence at scale

A cross-version Python bytecode decompiler