Ghidra is a software reverse engineering (SRE) framework

A standalone Java Decompiler GUI

The ZAP by Checkmarx Core project

Style and Grammar Checker for 25+ Languages

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

Angry IP Scanner - fast and friendly network scanner

A modern, web-based SSH console and key management tool. Bastillion gives you a clean, browser-based way to manage SSH access across all your systems. Think of it like a bastion host with a friendl…

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to invest…

Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)

The new bridge between Burp Suite and Frida!

Open Adversarial Exposure Validation Platform

TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.

CLOSE ACCESS DENIAL.

Batfish is a network configuration analysis tool that can find bugs and guarantee the correctness of (planned or current) network configurations. It enables network engineers to rapidly and safely …

Provides situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks in support of network security assessments. #nsacyber

🔐 A CLI tool to extract server certificates

Automated HTTP Request Repeating With Burp Suite

Vulnerability scanner based on vulners.com search API

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Finds unknown classes of injection vulnerabilities

Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans

Automatically exported from code.google.com/p/armitage

REST/JSON API to the Burp Suite security tool.

A collection of Cortana scripts that you may use with Armitage and Cobalt Strike 2.x. Cortana Scripts are not compatible with Cobalt Strike 3.x. Cobalt Strike 3.x uses a variant of Cortana called A…

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

ThreadFix is a software vulnerability management platform. This GitHub site is far out of date. Please go to www.threadfix.it for up-to-date information.

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-searching payload generator, LFI mode, nix & windows support,…