The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).

Proof of concept code for Datadog Security Labs referenced exploits.

ALL IN ONE Hacking Tool For Hackers

Small and highly portable detection tests based on MITRE's ATT&CK.

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve…

PowerShell Obfuscator

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.

A collective of different IRs for the Flipper

🎤⌨️ Acoustic keyboard eavesdropping

Understand the nature of malicious software with practical examples in Python.

Open Cyber Threat Intelligence Platform

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Community curated list of templates for the nuclei engine to find security vulnerabilities.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

Diablo ~ Hacking / Pentesting & Reporting

The Single Sign-On Multi-Factor portal for web apps, now OpenID Certified™

Advanced Phishing tool

Social media & camera hacking & whatsapp virus & SMS bombing

🤖 The Modern Port Scanner 🤖

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Develo…

awesome-linux-rootkits

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods

Hunt down social media accounts by username across social networks