Stars
A book series (2 published editions) on the JS language.
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
A modern, portable, easy to use crypto library.
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
fsociety Hacking Tools Pack – A Penetration Testing Framework
Some setup scripts for security research tools.
A swiss army knife for pentesting networks
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
This is a multi-use bash script for Linux systems to audit wireless networks.
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Reverse engineering and pentesting for Android applications
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
🔥 CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.
Low bandwidth DoS tool. Slowloris rewrite in Python.
DEPRECATED, bettercap developement moved here: https://github.com/bettercap/bettercap
OSINT Tool for Finding Passwords of Compromised Email Addresses
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor