The USB host security assessment tool

proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained p…

Set of tools to analyze Windows sandboxes for exposed attack surface.

A fork of AFL for fuzzing Windows binaries

Extract BIOS firmware from Intel-based workstations and laptops

Research papers and tools on Android

Binary Instrumentation of Android Apps

Testing TLS/SSL encryption anywhere on any port

Eavesdrop on TLS connections with libpcap

Automate scans using Qualys SSL Labs

Java RMI enumeration and attack tool.

oreboot is a fork of coreboot, with C removed, written in Rust.

All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities

Easy-to-use java bytecode editor - successor of JByteMod!

A byte code analyzer for finding deserialization gadget chains in Java applications

A Simple command line tool that helps checking web applications to identify insecure deserialization vulnerabilities.

A collection of links related to Linux kernel security and exploitation

ZMap is a fast single packet network scanner designed for Internet-wide network surveys.

Dynamic analysis framework for JavaScript

Plattform to develop and experiment with existing java web attacks.

Java Message Exploitation Tool

sslscan tests SSL/TLS enabled services to discover supported cipher suites

List of Awesome Red Teaming Resources

SQLI labs to test error based, Blind boolean based, Time based.

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

Find, verify, and analyze leaked credentials

A tool to dump Java serialization streams in a more human readable form.

A Java library for capturing, crafting, and sending packets.

Proofs-of-concept