A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Deep Learning for humans

Rich is a Python library for rich text and beautiful formatting in the terminal.

ALL IN ONE Hacking Tool For Hackers

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

the only cheat sheet you need

Automatic SQL injection and database takeover tool

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Open-source AI hackers to find and fix your app’s vulnerabilities.

Impacket is a collection of Python classes for working with network protocols.

Most advanced XSS scanner.

Web path scanner

match command-line arguments to their help text

CTF framework and exploit development library

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA…

Scapy: the Python-based interactive packet manipulation program & library.

A command-line productivity tool powered by AI large language models like GPT-5, will help you accomplish your tasks faster and more efficiently.

Fast subdomains enumeration tool for penetration testers

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

OneForAll是一款功能强大的子域收集工具

(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.

📱 objection - runtime mobile exploration

Nginx configuration static analyzer

A powerful and user-friendly binary analysis platform!

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

You Know, For WEB Fuzzing !

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers.

Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥