PayloadsAllTheThings by swisskyrepo

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

created at Oct. 18, 2016, 7:29 a.m.

1,843 +2

61,934 +136

14,782 +33

maigret by soxoj

🕵️‍♂️ Collect a dossier on a person by username from thousands of sites

created at June 27, 2020, 2:16 p.m.

98 +8

13,266 +2517

916 +103

owasp-mastg by OWASP

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

created at Sept. 30, 2016, 8:22 a.m.

424 +0

11,817 +10

2,350 +3

opensnitch by evilsocket

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

created at April 16, 2017, 2:02 p.m.

202 +0

11,018 +16

516 +3

Sublist3r by aboul3la

Fast subdomains enumeration tool for penetration testers

created at Dec. 15, 2015, 12:55 a.m.

230 +0

9,949 +14

2,114 +4

volatility by volatilityfoundation

An advanced memory forensics framework

created at April 24, 2014, 3:45 p.m.

310 +0

7,413 +21

1,288 +3

bunkerweb by bunkerity

🛡️ Open-source and next-generation Web Application Firewall (WAF)

created at Aug. 20, 2019, 9:20 p.m.

57 +0

7,059 +117

392 +5

monkey by guardicore

Infection Monkey - An open-source adversary emulation platform

created at Aug. 30, 2015, 7:22 a.m.

239 +0

6,698 +6

788 +0

Dshell by USArmyResearchLab

Dshell is a network forensic analysis framework.

created at Dec. 17, 2014, 12:04 p.m.

589 +0

5,462 +5

1,144 +1

ptf by trustedsec

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

created at May 12, 2015, 6:37 p.m.

326 +0

5,180 +2

1,243 +0

grr by google

GRR Rapid Response: remote live forensics for incident response

created at Dec. 4, 2013, 12:17 a.m.

315 +0

4,809 +9

763 +0

recon-ng by lanmaster53

Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.

created at March 28, 2019, 5:43 p.m.

112 +0

4,181 +26

656 +3

Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

created at Jan. 18, 2015, 8:39 a.m.

185 +1

3,417 +4

585 +1

phpsploit by nil0x42

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

created at May 21, 2014, 7:43 p.m.

104 +0

2,237 +2

442 -1

credstash by fugue

A little utility for managing credentials in the cloud

created at April 20, 2015, 4:20 p.m.

69 +0

2,061 +0

214 +0

boofuzz by jtpereyda

A fork and successor of the Sulley Fuzzing Framework

created at Nov. 26, 2015, 12:42 a.m.

51 +0

2,056 +6

347 +0

cicd-goat by cider-security-research

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.

created at March 27, 2022, 10 a.m.

32 +0

1,965 +7

322 +0

rekall by google

Rekall Memory Forensic Framework

created at May 16, 2014, 5:22 p.m.

168 +0

1,930 +3

396 -2

confidant by lyft

Confidant: your secret keeper. https://lyft.github.io/confidant

created at Sept. 11, 2015, 6:02 p.m.

353 +1

1,850 +1

109 +0

kippo by desaster

Kippo - SSH Honeypot

created at May 27, 2014, 6:13 p.m.

84 +0

1,633 +3

277 +0