The USB host security assessment tool

proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained p…

Set of tools to analyze Windows sandboxes for exposed attack surface.

A fork of AFL for fuzzing Windows binaries

Extract BIOS firmware from Intel-based workstations and laptops

Research papers and tools on Android

Binary Instrumentation of Android Apps

Testing TLS/SSL encryption anywhere on any port

A command line tool to enumerate TLS cipher-suites supported by a server

A self-hosted Fuzzing-As-A-Service platform

Eavesdrop on TLS connections with libpcap

Automate scans using Qualys SSL Labs

Java RMI enumeration and attack tool.

oreboot is a fork of coreboot, with C removed, written in Rust.

All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities

Easy-to-use java bytecode editor - successor of JByteMod!

A byte code analyzer for finding deserialization gadget chains in Java applications

A static analysis API for finding deserialization attack gadgets

A Simple command line tool that helps checking web applications to identify insecure deserialization vulnerabilities.

A collection of links related to Linux kernel security and exploitation

ZMap is a fast single packet network scanner designed for Internet-wide network surveys.

Dynamic analysis framework for JavaScript

Plattform to develop and experiment with existing java web attacks.

Java Message Exploitation Tool

sslscan tests SSL/TLS enabled services to discover supported cipher suites

Man in the middle testing

Build a fake backend by providing the content of JSON files or JavaScript objects through configurable routes.

Yeoman generator for building a fake backend by providing the content of JSON files or JavaScript objects through configurable routes.

List of Awesome Red Teaming Resources