Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Chat with your notes & see links to related content with AI embeddings. Use local models or 100+ via APIs like Claude, Gemini, ChatGPT & Llama 3

Full featured CSV parser with simple api and tested against large datasets.

A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.

Hand-crafted Frida examples

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

🕉 Soul | Automatic SQLite RESTful and realtime API server | Build CRUD APIs in minutes!

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

XSS payloads designed to turn alert(1) into P1

A DNS rebinding attack framework.

A collection of ZAP scripts and tips provided by the community - pull requests very welcome!

A quick and easy way to view/edit basic keys in etcd.

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

Chrome V8 n-day exploits that I've written.

A tool to create obfuscated HTA script.

Foxit PDF Reader Remote Code Execution Exploit

Use Snow to finally secure your web app's same origin realms!

Protection against HTML smuggling attacks.

A test suite built with Mocha/Chai to test for behavioral differences between image libraries for the web

Spongebob-themed cypher injection playground

Working Proof of Concept Exploit for CVE-2018-17463

a better UI for fuzzers

Simple XSS payload

Port of fileman for php, from roxyfileman.com