A repository with 3 tools for pwn'ing websites with .git repositories available

A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A Thread Safe fast way to find proxies. Find 2000-5000 working http,socks4,socks5 proxies in one scan.

Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods

Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

User-Agent , X-Forwarded-For and Referer SQLI Fuzzer

PowerSploit - A PowerShell Post-Exploitation Framework

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

SQL / SQLI tokenizer parser analyzer

WSO2 RCE (CVE-2022-29464) exploit and writeup.

Rapidly enumerate subdomains and domains using rapiddns.io.

JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate re…

Jeeves SQLI Finder

Quickly discover exposed hosts on the internet using multiple search engines.

A list of open source web security scanners

The new generation of famous WSO web shell. With perks included

A curated list of various bug bounty tools

List of API's for gathering information about phone numbers, addresses, domains etc

pFuzz helps us to bypass web application firewall by using different methods at the same time.

Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components throug…

A Go implementation of dirsearch.

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Free, libre, effective, and data-driven wordlists for all!