The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Multi-Cloud Security Auditing Tool

A collection of Azure AD/Entra tools for offensive and defensive security purposes

CISSP and CCSP study material repository. ISC2.

crack and generate jwt with ease

Multiplayer pivoting solution

Flutter Reverse Engineering Framework

A tool for exploiting Moxie Marlinspike's SSL "stripping" attack.

Display and control your Android device

Attack Surface Management Platform

GBounty is a multi-step website vulnerability scanner developed in Golang designed to help companies, pentesters, and bug hunters identify potential vulnerabilities in web applications.

Connect like there is no firewall. Securely.

Global Socket Server

Adversary Emulation Framework

Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3

Differential testing framework for HTTP implementations

Advance OTP Bypass Tool. Termux Supported.

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

A script that you can run in the background!

OSCP Cheat Sheet

SQLMutant is a powerful SQL injection testing tool that includes both passive and active reconnaissance processes for any given domain. It filters URLs to identify those with parameters susceptible…

NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Redirects, leveraging advanced scanning and URL enumeration te…

Uncover the true IP address of websites safeguarded by Cloudflare & Others

The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving to…

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

PoC for Zerologon - all research credits go to Tom Tervoort of Secura

Test tool for CVE-2020-1472

Various *nix tools built as statically-linked binaries