A list of useful payloads and bypass for Web Application Security and Pentest/CTF

The Python micro framework for building web applications.

E-mails, subdomains and names Harvester - OSINT

Multi-Cloud Security Auditing Tool

The FLARE team's open-source tool to identify capabilities in executable files.

Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.

File upload vulnerability scanner and exploitation tool.

Mimikatz implementation in pure Python

DNS Enumeration Script

A Python program to scrape secrets from GitHub through usage of a large repository of dorks.

Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X!

The SpecterOps project management and reporting engine

A pure-python fully automated and unattended fuzzing framework.

Python version of the C# tool for "Shadow Credentials" attacks

A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities

A reverse engineering framework written in Python.

A pure-python win32 debugger interface.

python-masscan is a python library which helps in using masscan port scanner.

DART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.

Python implementation for PetitPotam

Hide shellcode by shuffling bytes into a random array and reconstruct at runtime

Malware As A Service

An advanced graphical search engine for Exploit-DB

Recurrent Neural Network SubDomain Discovery Tool

A tunneling toolkit enabling operators to move data from one place to another evasively.

Scanning for CVE-2020-8193 - Auth Bypass check