The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

Automatic SQL injection and database takeover tool

A book-in-progress about the Linux kernel and its insides.

Deezer source separation library including pretrained models.

match command-line arguments to their help text

CTF framework and exploit development library

A terminal spreadsheet multitool for discovering and arranging data

The official repo for “Dolphin: Document Image Parsing via Heterogeneous Anchor Prompting”, ACL, 2025.

PEDA - Python Exploit Development Assistance for GDB

The Leading Security Assessment Framework for Android.

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

[ab]using Unicode to create tragedy

📊 Save matplotlib figures as TikZ/PGFplots for smooth integration into LaTeX.

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

Wiki-like CTF write-ups repository, maintained by the community. 2014

DOM fuzzer

🚂 A small JS+SVG library for drawing railroad syntax diagrams, like on JSON.org. Now with a Python port!

Safe code refactoring for modern Python.

IDAPython project for Hex-Ray's IDA Pro

A tool to analyze multi-byte xor cipher

A Python implementation of a Python bytecode runner

Driller: augmenting AFL with symbolic execution!

Advanced skinning plugin for IDA Pro

CTF write-ups by Plaid Parliament of Pwning

The 'exploitable' GDB plugin

Visualization of heap operations.

K Semantics of the Ethereum Virtual Machine (EVM)

K Framework Tools 7.0

A colleciton of CTF write-ups all using pwntools

python library to examine ptmalloc (the glibc userland heap implementation)