Automatic SQL injection and database takeover tool

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

A collection of hacking tools, resources and references to practice ethical hacking.

🤖 The Modern Port Scanner 🤖

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Fast web fuzzer written in Go

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

Web path scanner

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Directory/File, DNS and VHost busting tool written in Go

hydra

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

A swiss army knife for pentesting networks

Attack Surface Management Platform

Web Pentesting Fuzz 字典,一个就够了。

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.