A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Hunt down social media accounts by username across social networks

the only cheat sheet you need

What the f*ck Python? 😱

A book-in-progress about the Linux kernel and its insides.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

🕵️‍♂️ Collect a dossier on a person by username from thousands of sites

Impacket is a collection of Python classes for working with network protocols.

The Ethereum Improvement Proposal repository

Credentials recovery project

Conan - The open-source C and C++ package manager

Introduction to Machine Learning Systems

Nginx configuration static analyzer

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

Static Analyzer for Solidity and Vyper

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Python Classes Without Boilerplate

Scalable fuzzing infrastructure.

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Hunt for security weaknesses in Kubernetes clusters

Dependency injection framework for Python

PyInstaller Extractor

A database migrations tool for SQLAlchemy.

A familiar HTTP Service Framework for Python.

pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching

CodeChecker is an analyzer tooling, defect database and viewer extension for static and dynamic analyzer tools.

Python wrapper for tshark, allowing python packet parsing using wireshark dissectors