Skip to content
View federicodotta's full-sized avatar
288 followers · 3 following

Achievements

Achievement: QuickdrawAchievement: Arctic Code Vault ContributorAchievement: Starstruckx3Achievement: Pull Shark

Achievements

Achievement: QuickdrawAchievement: Arctic Code Vault ContributorAchievement: Starstruckx3Achievement: Pull Shark

Block or report federicodotta

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

Showing results

swisskyrepo / PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Python 71,441 16,187 Updated Nov 2, 2025

NationalSecurityAgency / ghidra

Ghidra is a software reverse engineering (SRE) framework

Java 61,876 6,878 Updated Oct 30, 2025

rapid7 / metasploit-framework

Metasploit Framework

Ruby 36,840 14,605 Updated Nov 5, 2025

dnSpy / dnSpy

.NET debugger and assembly editor

C# 28,491 5,397 Updated Dec 20, 2020

radareorg / radare2

UNIX-like reverse engineering framework and command-line toolset

C 22,555 3,133 Updated Nov 6, 2025

MobSF / Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

JavaScript 19,748 3,507 Updated Nov 5, 2025

vulhub / vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose

Dockerfile 19,744 4,714 Updated Sep 19, 2025

frida / frida

Clone this repo to build Frida

Meson 18,932 1,934 Updated Nov 5, 2025

fortra / impacket

Impacket is a collection of Python classes for working with network protocols.

Python 15,065 3,814 Updated Oct 22, 2025

jopohl / urh

Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

Python 11,924 945 Updated Jul 31, 2025

HackTricks-wiki / hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

JavaScript 10,496 2,927 Updated Nov 6, 2025

testssl / testssl.sh

Testing TLS/SSL encryption anywhere on any port

Shell 8,671 1,101 Updated Nov 4, 2025

sensepost / objection

📱 objection - runtime mobile exploration

Python 8,611 937 Updated Oct 30, 2025

frohoff / ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Java 8,573 1,844 Updated Mar 31, 2024

de4dot / de4dot

.NET deobfuscator and unpacker.

C# 7,274 2,784 Updated Aug 29, 2020

commixproject / commix

Automated All-in-One OS Command Injection Exploitation Tool.

Python 5,509 898 Updated Oct 27, 2025

vaibhavpandeyvpz / apkstudio

Open-source, cross platform Qt based IDE for reverse-engineering Android application packages.

C++ 3,071 555 Updated Oct 6, 2023

secgroundzero / warberry

WarBerryPi - Tactical Exploitation

JavaScript 2,225 288 Updated Nov 9, 2019

chaitin / passionfruit

[WIP] Crappy iOS app analyzer

Vue 1,668 227 Updated Nov 14, 2021

GhostManager / Ghostwriter

The SpecterOps project management and reporting engine

Python 1,663 223 Updated Nov 3, 2025

PortSwigger / turbo-intruder

Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.

Kotlin 1,661 226 Updated Nov 6, 2025

iGio90 / Dwarf

Full featured multi arch/os debugger built on top of PyQt5 and frida

Python 1,311 174 Updated May 16, 2024

ghidraninja / ghidra_scripts

Scripts for the Ghidra software reverse engineering suite.

YARA 1,114 105 Updated Oct 7, 2020

Quitten / Autorize

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automa…

Python 1,114 243 Updated Jul 3, 2025

sagishahar-zz / lpeworkshop

Windows / Linux Local Privilege Escalation Workshop

Batchfile 1,008 245 Updated Jan 15, 2019

dmayer / idb

idb is a tool to simplify some common tasks for iOS pentesting and research

Ruby 950 161 Updated Mar 25, 2023

ilmila / J2EEScan

J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.

Java 670 186 Updated Oct 29, 2025

iceman1001 / proxmark3

Forked from Proxmark/proxmark3

[Deprecated] Iceman Fork, the most totally wicked fork around if you are into proxmark3

C 472 116 Updated Jun 12, 2020

ReversecLabs / android-keystore-audit

JavaScript 449 107 Updated Jul 17, 2025

OWASP / www-project-ai-testing-guide

OWASP Foundation web repository

HTML 429 82 Updated Nov 6, 2025
Next