th3gundy
Follow
Stars
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
Docker - Beginners | Intermediate | Advanced
Pterodactyl® is a free, open-source game server management panel built with PHP, React, and Go. Designed with security in mind, Pterodactyl runs all game servers in isolated Docker containers while…
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Community-based GPL-licensed network monitoring system
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
WDScanner平台目前实现了如下功能:分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!
Hashtopolis - distributed password cracking with Hashcat
Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.
Clone of svn repository of http://insecurety.net/projects/web-malware/ project
Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities. NOTE: This project is o…
PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container
Cross-site scripting labs for web application security enthusiasts
Toolkit to detect and keep track on Blind XSS, XXE & SSRF