PayloadsAllTheThings by swisskyrepo

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

created at Oct. 18, 2016, 7:29 a.m.

1,800 +4

56,688 +149

13,964 +24

metasploit-framework by rapid7

Metasploit Framework

created at Aug. 30, 2011, 6:13 a.m.

2,042 +2

32,759 +44

13,668 +33

jadx by skylot

Dex to Java decompiler

created at March 18, 2013, 5:08 p.m.

814 +1

39,000 +175

4,622 +7

awesome-pentest by enaqx

A collection of awesome penetration testing resources, tools and other shiny things

created at Aug. 3, 2014, 11:13 p.m.

1,171 +1

20,473 +42

4,368 +3

awesome-awesomeness by bayandin

A curated list of awesome awesomeness

created at July 8, 2014, 5:44 a.m.

1,664 +2

31,256 +31

3,533 +2

Apktool by iBotPeaches

A tool for reverse engineering Android apk files

created at March 19, 2012, 5:46 p.m.

660 -1

18,835 +54

3,513 +1

owasp-mastg by OWASP

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

created at Sept. 30, 2016, 8:22 a.m.

430 +2

11,260 +12

2,228 +5

zaproxy by zaproxy

The ZAP core project

created at June 3, 2015, 4:55 p.m.

396 -1

11,970 +16

2,189 +6

fingerprintjs by fingerprintjs

Browser fingerprinting library. Accuracy of this version is 40-60%, accuracy of the commercial Fingerprint Identification is 99.5%. V4 of this library is BSL licensed.

created at Feb. 11, 2015, 8:49 a.m.

418 +2

20,899 +35

2,181 +4

trivy by aquasecurity

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

created at April 11, 2019, 1:01 a.m.

171 +0

21,301 +88

2,099 +10

Sublist3r by aboul3la

Fast subdomains enumeration tool for penetration testers

created at Dec. 15, 2015, 12:55 a.m.

234 +0

9,223 +16

2,041 +3

NodeGoat by OWASP

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

created at Oct. 21, 2013, 7:14 p.m.

78 +0

1,826 +1

1,561 +7

frida by frida

Clone this repo to build Frida

created at April 12, 2013, 10:35 p.m.

322 +0

14,683 +49

1,542 +3

wazuh by wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

created at Aug. 11, 2015, 5:39 p.m.

207 +0

9,132 +76

1,437 +12

awesome-threat-intelligence by hslatman

A curated list of Awesome Threat Intelligence resources

created at Dec. 21, 2015, 11:31 a.m.

548 +0

7,268 +20

1,393 +4

awesome-sysadmin by awesome-foss

A curated list of amazingly awesome open-source sysadmin resources.

created at Dec. 23, 2014, 8:41 a.m.

591 -1

22,549 +91

1,334 +8

volatility by volatilityfoundation

An advanced memory forensics framework

created at April 24, 2014, 3:45 p.m.

309 +0

6,917 +18

1,247 +2

ptf by trustedsec

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

created at May 12, 2015, 6:37 p.m.

323 +0

4,970 +1

1,209 +2

awesome-web-hacking by infoslack

A list of web application security

created at May 3, 2015, 5:24 p.m.

243 +0

5,431 +20

1,158 +0

Dshell by USArmyResearchLab

Dshell is a network forensic analysis framework.

created at Dec. 17, 2014, 12:04 p.m.

592 +0

5,442 +1

1,150 -1