Proxy over your Docker socket to restrict which requests it accepts

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

SSRF (Server Side Request Forgery) testing resources

This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests and bug bounty.

Weakpass collection of tools for bruteforce and hashcracking

J2ME Old Samsung mobile game. Sources: MCookie | Wait4U, Samsung Funclub.

Kraker is a distributed password brute-force system that focused on easy use.

Highlighting different firefox containers in Burp Proxy

A frida tool to dump dex in memory to support security engineers analyzing malware.

Tool for catching and logging different types of requests.

🤖 The Modern Port Scanner 🤖

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

Using Intel's PIN tool to solve CTF problems

📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

The best tool for finding one gadget RCE in libc.so.6

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

The checkm8 port for Arduino and USB Host Shield

Web CTF CheatSheet 🐈

Go library for credentials recovery

Contactless EMV credit card reader

Kubernetes security notes and best practices

Apple BLE research

Redis 4.x/5.x RCE

Validate your string, that consists of only parentheses.

Tasks from Hack Battle by SPbCTF at PHDays 9

Common Web Managers Fuzz Wordlists

Make any web page a desktop application

Cheat Sheets, Metodologies etc.

Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥