SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Simple forum software for building great communities.

A free open source IT asset/license management system

This is a webshell open source project

A beautiful, fully open-source, tunneling service - written in pure PHP

Single-file PHP shell

📂 Directory Lister is the easiest way to expose the contents of any web-accessible folder for browsing and sharing.

FruityWiFi is a wireless network auditing tool. The application can be installed in any Debian based system (Jessie) adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspber…

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Webshell && Backdoor Collection

构建优化高效的渗透 fuzz 字典合集

Pwn stuff.

Hashtopolis - distributed password cracking with Hashcat

CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting infor…

A Laravel and Filament-powered accounting platform featuring full double-entry accrual accounting, delivering modern automation for professional financial management.

Source code for the demo.filamentphp.com website.

Uguu is a simple lightweight temporary file host with support for drop, paste, click and API uploading.

A laboratory for learning secure web and mobile development in a practical manner.

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

🎯 PHP / ASP - Shell Backdoor List 🎯

Subscription Management and Billing System

Advanced Web Shell

PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container

Bypassing disabled exec functions in PHP (c) CRLF

WackoPicko is a vulnerable web application used to test web application vulnerability scanners.

All my Hacking|Pentesting Notes

An XSS Exploitation Tool

The easiest way to create interactive Facebook live streams. Displays reaction count and live shoutouts :)

Web Based Command Control Framework (C2) #C2 #PostExploitation #CommandControl #RedTeam #C2Framework #PHPC2 #.NETMalware #Malware #PHPMalware #CnC #infosec #offensivesecurity #Trojan

List of Magento extensions with known security issues.