Highlights
- Pro
Lists (3)
Sort Name ascending (A-Z)
Stars
Automatic SQL injection and database takeover tool
🎯 SQL Injection Payload List
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a rang…
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
BruteXSS is a tool written in python simply to find XSS vulnerabilities in web application. This tool was originally developed by Shawar Khan in CLI. I just redesigned it and made it GUI for more c…
a list of awesome resources related to security and hacking of VoIP, WebRTC and VoLTE
Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.
AIGoat: A deliberately Vulnerable AI Infrastructure. Learn AI security through solving our challenges.
Bambdas collection for Burp Suite Professional and Community.
Obtain GraphQL API schema even if the introspection is disabled
Send phishing messages and attachments to Microsoft Teams users
An offensive security toolset for Microsoft 365 focused on Microsoft Copilot, Copilot Studio and Power Platform
Write any JavaScript with 6 Characters: []()!+
A powerful obfuscator for JavaScript and Node.js
The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools
dnsenum is a perl script that enumerates DNS information
🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
CLI tool to quickly and efficiently bulk-download entries from a Certificate Transparency log