A list of useful payloads and bypass for Web Application Security and Pentest/CTF

The official gpt4free repository | various collection of powerful language models | opus 4.6 gpt 5.3 kimi 2.5 deepseek v3.2 gemini 3

Automatic SQL injection and database takeover tool

A configuration framework that enhances Claude Code with specialized commands, cognitive personas, and development methodologies.

The authentication glue you need.

🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites

🦉 OWL: Optimized Workforce Learning for General Multi-Agent Assistance in Real-World Task Automation

Most advanced XSS scanner.

Web path scanner

Python based web automation tool. Powerful and elegant.

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

CTFs as you need them

Hide screen when boss is approaching.

HTTP parameter discovery suite.

A cross-version Python bytecode decompiler

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, co…

Automatic SSRF fuzzer and exploitation tool

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

Stealing Signatures and Making One Invalid Signature at a Time

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Everything for pentest. | 渗透测试知识库，以 AI Agent 可执行的格式沉淀安全方法论。

基于各大API的一款企业信息查询工具，为了更快速的获取企业的信息，省去收集的麻烦过程，web端于plat平台上线

大宝剑-边界资产梳理工具（红队、蓝队、企业组织架构、子域名、Web资产梳理、Web指纹识别、ICON_Hash资产匹配）

Threat Intelligence Gathering 威胁情报收集，旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率。

Mooder是一款开源、安全、简洁、强大的团队内部知识分享平台。

Repo with various Red Team scripts

一款url快速检测工具，能够根据关键词搜索域名信息、快速获取url信息 来自Plat狼组安全平台

WolfAWD 一款基于Python的AWD线下比赛框架

基于 claude-agent-sdk 的智能渗透测试 Agent，用于参与第二届 TCH 智能渗透挑战赛。

Python Arpspoof For Multiple Targets