🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

A secure low code honeypot framework, leveraging AI for System Virtualization.

The Secure Coding Dojo is a platform for delivering secure coding knowledge.

The Simple Agent Development Kit.

Legba recipes.

Distributed LLM and StableDiffusion inference for mobile, desktop and server.

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

All In One Web Recon

Automatic SQL injection and database takeover tool

Most advanced XSS scanner.

CeWL is a Custom Word List Generator

Fetch all the URLs that the Wayback Machine knows about for a domain

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

🕵️‍♂️ All-in-one OSINT tool for analysing any website

An engine to make Tor network your default gateway

🕵️‍♂️ Offensive Google framework.

A Go library which main purpose is giving an interface to loop over a dictionary and use those words/lines as input for some custom logic such as HTTP file bruteforcing, DNS bruteforcing, etc.

A Go implementation of dirsearch.

Damn Vulnerable Web Application (DVWA)

PostgreSQL driver and toolkit for Go

A minimal programming example for a chat server

The fastest and more comprehensive multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷

Web path scanner

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

XRay is a tool for recon, mapping and OSINT gathering from public networks.

shellz is a small utility to manage your ssh, telnet, kubernetes, winrm, web or any custom shell in a single place.

A python wrapper around the https://coinmarketcap.com API.

A manager for your secrets.