A list of useful payloads and bypass for Web Application Security and Pentest/CTF

The official gpt4free repository | various collection of powerful language models | o4, o3 and deepseek r1, gpt-4.1, gemini 2.5

🚀AI拟声: 5秒内克隆您的声音并生成任意语音内容 Clone a voice in 5 seconds to generate arbitrary speech in real-time

Glances an Eye on your system. A top/htop alternative for GNU/Linux, BSD, Mac OS and Windows operating systems.

🗃 Open source self-hosted web archiving. Takes URLs/browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more...

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Network Analysis in Python

Incredibly fast crawler designed for OSINT.

Python based web automation tool. Powerful and elegant.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

Automatic integrate all Xiaomi devices to HomeAssistant via miot-spec, support Wi-Fi, BLE, ZigBee devices. 小米米家智能家居设备接入Hass集成

Open-source offline translation library written in Python

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share th…

Intelligent proxy pool for Humans™ to extract content from the internet and build your own Large Language Models in this new AI era

Multi-vendor library to simplify Paramiko SSH connections to network devices

A remote monitoring & management tool, built with Django, Vue and Go.

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

💫 Ngrok FRP Alternative • ⚡ Fast • 🪶 Lightweight • 0️⃣ Dependency • 🔌 Pluggable • 😈 TLS interception • 🔒 DNS-over-HTTPS • 🔥 Poor Man's VPN • ⏪ Reverse & ⏩ Forward • 👮🏿 "Proxy Server" framework • 🌐 …

Tool for Active Directory Certificate Services enumeration and abuse

Mimikatz implementation in pure Python

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

Stealing Signatures and Making One Invalid Signature at a Time

🎡 Build Python wheels for all the platforms with minimal configuration.

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

高达百万级规则！由我原创&整理的 AdGuardHomeRules ADH广告拦截过滤规则！打造全网最强最全规则集

Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!

Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation

基于各大API的一款企业信息查询工具，为了更快速的获取企业的信息，省去收集的麻烦过程，web端于plat平台上线

A python script to scan for Apache Tomcat server vulnerabilities.