A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Google Sheets Python API

Automated All-in-One OS Command Injection Exploitation Tool.

An interactive web UI for gRPC, along the lines of postman

Like cURL, but for gRPC: Command-line tool for interacting with gRPC servers

Monitor linux processes without root permissions

Protect and discover secrets using Gitleaks 🔑

Most advanced XSS scanner.

Gopher protocol is used a lot when exploiting SSRF. This script generates a gopher payload what can be user to submit data to a webform.

Translations

A recursive internet scanner for hackers. 🧡

Automatic SQL injection and database takeover tool

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

Firebase client tools for security assessment or penetration testing.

Fast passive subdomain enumeration tool.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

Flipper Zero firmware source code

notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

NSE script based on Vulners.com API

A big list of homoglyphs and some code to detect them

A python 3 library which helps in using nmap port scanner. This is done by converting each nmap command into a callable python3 method or function. System administrators can now automatic nmap scan…

Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.

DevSecOps, ASPM, Vulnerability Management. All on one platform.

Gather all external facing AWS Services and run it through nmap