🏡 Open source home automation that puts local control and privacy first.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

🕵️‍♂️ Offensive Google framework.

Impacket is a collection of Python classes for working with network protocols.

Python GUIs for Humans! PySimpleGUI is the top-rated Python application development environment. Launched in 2018 and actively developed, maintained, and supported in 2024. Transforms tkinter, Qt, …

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

The Rogue Access Point Framework

A lightweight, dependency-free Python library (and command-line utility) for downloading YouTube Videos.

Web path scanner

CTF framework and exploit development library

Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

fsociety Hacking Tools Pack – A Penetration Testing Framework

A cross platform front-end GUI of the popular youtube-dl written in wxPython.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

Create *beautiful* command-line interfaces with Python

Exploit Development and Reverse Engineering with GDB Made Easy

Ajenti Core and stock plugins

An advanced memory forensics framework

🔥 Web-application firewalls (WAFs) from security standpoint.

Web application fuzzer

PEDA - Python Exploit Development Assistance for GDB

RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data

CTFs as you need them

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

HTTP parameter discovery suite.