A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy and maintain. Automate everything from code deployment to network configuration to clo…

💻 A fully functional local AWS cloud stack. Develop and test your cloud & Serverless apps offline

A simple, yet elegant, HTTP library.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

If you live in the terminal, kitty is made for you! Cross-platform, fast, feature-rich, GPU based.

Automated nginx proxy for Docker containers using docker-gen

Official repository for IPython itself. Other repos in the IPython organization contain things like the website, documentation builds, etc.

Impacket is a collection of Python classes for working with network protocols.

Most advanced XSS scanner.

CTF framework and exploit development library

Exploitation Framework for Embedded Devices

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA…

an awesome list of honeypot resources

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

Wrong project! You should head over to http://github.com/sshuttle/sshuttle

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

Nginx configuration static analyzer

A powerful and user-friendly binary analysis platform!

An advanced memory forensics framework

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

Multi-Cloud Security Auditing Tool

RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data

CTFs as you need them

Web application fuzzer

PEDA - Python Exploit Development Assistance for GDB

Open Source Vulnerability Management Platform

HTTP parameter discovery suite.

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.