Stars
The Web framework for perfectionists with deadlines.
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
Automatic SQL injection and database takeover tool
⚡ A Fast, Extensible Progress Bar for Python and CLI
Exploit Development and Reverse Engineering with GDB & LLDB Made Easy
A swiss army knife for pentesting networks
lgandx / Responder
Forked from SpiderLabs/ResponderResponder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
Python Socket.IO server and client
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, co…
A familiar HTTP Service Framework for Python.
Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
Accurately separates a URL’s subdomain, domain, and public suffix, using the Public Suffix List (PSL).
Find interesting Amazon S3 Buckets by watching certificate transparency logs.
Scripts I use during pentest engagements.
Search for potential frontable domains
morphHTA - Morphing Cobalt Strike's evil.HTA
A library for parsing .DS_Store files and extracting file names
A Python RESTful API framework for online malware analysis and threat intelligence services.
Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.
The Inspector tool is a privilege escalation helper (PoC), easy to deployed on web server, this tool can list process running with root, check kernel version, check history file, get possible explo…
Python library that facilitates interfacing with BeEF via it's RESTful API