A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Automatic SQL injection and database takeover tool

Web APIs for Django. 🎸

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

CTFs as you need them

Scanning APK file for URIs, endpoints & secrets.

A collection of custom security tools for quick needs.

Tool for Active Directory Certificate Services enumeration and abuse

Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation

Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.

Türk kullanıcıların parola seçimlerinin analizi için yapılmış bir çalışmadır

HackerOne "in scope" domains

Zenith exploits a memory corruption vulnerability in the NetUSB driver to get remote-code execution on the TP-Link Archer C7 V5 router for Pwn2Own Austin 2021.

一款url快速检测工具，能够根据关键词搜索域名信息、快速获取url信息 来自Plat狼组安全平台