Stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Privilege Escalation Project - Windows / Linux / Mac
Stealing Signatures and Making One Invalid Signature at a Time
trzsz is a simple file transfer tools, similar to lrzsz ( rz / sz ), and compatible with tmux.
Standalone binaries for Linux/Windows of Impacket's examples
🍪 Flask Session Cookie Decoder/Encoder
Dm2333 / penetration
Forked from az0ne/Permeable渗透 超全面的渗透资料💯 包含:0day,xss,sql注入,提权……
Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible…
Generate config for Mac Surge to use SSR & V2RAY