📚 Freely available programming books

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

30 days of Python programming challenge is a step-by-step guide to learn the Python programming language in 30 days. This challenge may take more than 100 days, follow your own pace. These videos m…

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Glances an Eye on your system. A top/htop alternative for GNU/Linux, BSD, Mac OS and Windows operating systems.

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

Faker is a Python package that generates fake data for you.

Most advanced XSS scanner.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

Incredibly fast crawler designed for OSINT.

fsociety Hacking Tools Pack – A Penetration Testing Framework

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

The recursive internet scanner for hackers. 🧡

A swiss army knife for pentesting networks

(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.

CTFs as you need them

A new kind of Progress Bar, with real-time throughput, ETA, and very cool animations!

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

HTTP parameter discovery suite.

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

Scanning APK file for URIs, endpoints & secrets.

Ultimate Python study guide 🐍 🐍 🐍

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

Using the jedi autocompletion library for VIM.

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

IntelOwl: manage your Threat Intelligence at scale

SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

Automatic SSRF fuzzer and exploitation tool