Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.

Accurately separates a URL’s subdomain, domain, and public suffix, using the Public Suffix List (PSL).

a tool to enumerate the resource records of a DNS zone using its DNSSEC NSEC or NSEC3 chain

Performs DNS zone dumps by walking DNSSEC NSEC(3) records.

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

completely ridiculous API (crAPI)

DNS resolver with support for DNS over TLS and ad blocking

Hunt down social media accounts by username across social networks

A list of resources for those interested in getting started in bug bounties

An OpenSCAD library for parametrically generating several ABLOY keys models suitable for 3D printing.

A collection of tools for generating models of physical keys for 3D printing

A software to create 3D models for key blanks, bumpkeys and regular keys

Defeating Windows User Account Control

CaveCarver - PE backdooring tool which utilizes and automates code cave technique

A simple remote tool in C#.

Pillager是一个适用于后渗透期间的信息收集工具

An open-source remote desktop application designed for self-hosting, as an alternative to TeamViewer.

Web Serving and Remote Procedure Calls at 50x lower latency and 70x higher bandwidth than FastAPI, implementing JSON-RPC & REST over io_uring ☎️

An OSINT tool to search for accounts by username and email in social networks.

An open-source React Native automatic license plate recognition package for OpenALPR

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.

Password protect a static HTML page, decrypted in-browser in JS with no dependency. No server logic needed.

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Browser In The Browser (BITB) Templates

A tool to perform Kerberos pre-auth bruteforcing