SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Damn Vulnerable Web Application (DVWA)

ARCHIVED

An Application dashboard and launcher

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

h-m-m, or Hackers Mind Map, is a simple, fast, keyboard-centric terminal-based tool for working with mind maps.

Webshell && Backdoor Collection

Hashtopolis - distributed password cracking with Hashcat

Ruby on Rails Phishing Framework

Collection of my scripts

The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.

CrackStation.net's Lookup Table Implementation.

A collection of web pages vulnerable to SQL injection flaws

WackoPicko is a vulnerable web application used to test web application vulnerability scanners.

Phishing Scenarios Used for Phishing Frenzy

CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.

Wordpress Vulnerability Scanner

A configurable SQL injection test-bed

Mobile Zabbix frontend for iPhone, Android, Windows Mobile, ...

The core of Phorum

This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer while hunting. It is still under development, so feel free to co…

Simple engine for web interactive text adventures with chat-logging multiplayer support.

A set of XSS vulnerable PHP scripts for testing

Cablegate's cables: Full-text search web site

XP 5.X - superseded by https://github.com/xp-framework/core

A configurable XPath/XML injection testbed

Open Source Torrent Index Website

XSSmh - A configurable Cross-Site Scripting testbed

web based software system for manging membership based community