(⌐■_■) - Raspberry Pi instrumenting Bettercap for Wi-Fi pwning.

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

A collection of various awesome lists for hackers, pentesters and security researchers

A Burp Extender plugin, that will deserialized java objects and encode them in XML using the Xtream library.

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Open-Source Phishing Toolkit

Tool to look for several security related Android application vulnerabilities

PwnableWeb is a suite of web applications for use in information security training.

Git All the Payloads! A collection of web attack payloads.

tinder cli built at stupid hackathon san francisco 2015

Turn GNU command line tools into SaaS (Stupid Hackathon Project)

Quickjack is a point-and-click tool for intuitively producing advanced clickjacking and frame slicing attacks.

Deciphers SRTP packets

Black box tool to bypass SSL verification on Android, even when pinning is used.

A curated list of CTF frameworks, libraries, resources and softwares

Android Unpacker presented at Defcon 22: Android Hacker Protection Level 0

Official home of the DB Browser for SQLite (DB4S) project. Previously known as "SQLite Database Browser" and "Database Browser for SQLite". Website at:

Application Security Verification Standard

Next-gen BurpSuite penetration testing tool

O-Saft - OWASP SSL advanced forensic tool

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

Example of certificate pinning on Android

Advanced Android TextView

A calculator project following CS193P.

A collection of tests that can be run on an emulator or device to verify SQLCipher for Android.

HTML9 Responsive Boilerstrap JS

Android Application to set the phone in a desired training mode for cycling

Automatic SQL injection and database takeover tool