Stars
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
wallabag is a self hostable application for saving web pages: Save and classify articles. Read them later. Freely.
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
365-Stealer is a phishing simualtion tool written in python3. It can be used to execute Illicit Consent Grant Attack.
Some of the best web shells that you might need!