SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

-------> RAFEL<------ Android Rat Written in Java With WebPanel For Controlling Victims...Hack Android Devices

Runs artisan command in web application

CLI tool to crawl a website and check HTTP status codes

ProcessMaker BPM Core

Toolkit to detect and keep track on Blind XSS, XXE & SSRF

The Black Hat Bash book repository

【新】多商户服务平台

List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.

Alternative to XSS Hunter for blind XSS.

This repository contains combined exploits for two vulnerabilities in Moodle, a widely used open-source learning management system (LMS)