A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.

PowerShell for every system!

Metasploit Framework

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Course Files for Complete Python 3 Bootcamp Course on Udemy

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Oh my tmux! My self-contained, pretty & versatile tmux configuration made with 💛🩷💙🖤❤️🤍

The Markdown-based note-taking app that doesn't suck.

A little tool to play with Windows security

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Impacket is a collection of Python classes for working with network protocols.

In-depth attack surface mapping and asset discovery

Web path scanner

cheat allows you to create and view interactive cheatsheets on the command-line. It was designed to help remind *nix system administrators of options for commands that they use frequently, but not …

Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

PowerSploit - A PowerShell Post-Exploitation Framework

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Small and highly portable detection tests based on MITRE's ATT&CK.

Effing package management! Build packages for multiple platforms (deb, rpm, etc) with great ease and sanity.

This is a webshell open source project

Six Degrees of Domain Admin

an awesome list of honeypot resources

Main Sigma Rule Repository

Nikto web server scanner

The single instruction C compiler

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

A swiss army knife for pentesting networks

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.