Command-line program to download videos from YouTube.com and other video sites

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

ALL IN ONE Hacking Tool For Hackers

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Official inference framework for 1-bit LLMs

Zulip server and web application. Open-source team chat that helps teams stay productive and focused.

An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

A swiss army knife for pentesting networks

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

Bandit is a tool designed to find common security issues in Python code.

Google Sheets Python API

Very efficient backup system based on the git packfile format, providing fast incremental saves and global deduplication (among and within files, including virtual machine images). Please post prob…

Web application fuzzer

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

Common User Passwords Profiler (CUPP)

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

The x86 processor fuzzer

Windows Exploit Suggester - Next Generation

This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC, MIPS, RISC-V 64, a…

My own custom 12ft.io replacement

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.

JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

An evil RAT (Remote Administration Tool) for macOS / OS X.

A fork and successor of the Sulley Fuzzing Framework

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!