SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers

FruityWiFi is a wireless network auditing tool. The application can be installed in any Debian based system (Jessie) adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspber…

FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.

Various webshells. We accept pull requests for additions to this collection.

Ruby on Rails Phishing Framework

Advanced Web Shell

DejaVU - Open Source Deception Framework

PHP Frontend to work with the SQLMAP JSON API Server (sqlmapapi.py) to allow for a Web GUI to drive near full functionality of SQLMAP!

A Python and ruby script to automate rogue AP process

A place for scripts that describe web exploits to live so they can be used in testing

Complete Grav Demo site which can be imported into your own repository or IDE.