Xib3rR4dAr

WannaRace

WebApp intentionally made vulnerable to Race Condition for practicing Race Condition

CloudFlareXSS

Cloudflare Bypass in HTML, attribute and JS context

cloudfox

Automating situational awareness for cloud penetration tests.

crowbar

Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.

CTF_ADDA_writeups

Writeups for https://ctf.adda.gov.ae/ 2022

CTF_BlackHat_MEA_2023

BalckHat MEA 2023

CVE-2023-28252

forothree

403 bypass tools based on golang

forward-shell

fypCTF

Easily create and manage Capture the flag competitions

gtm4wp

Google Tag Manager plugin for WordPress

hi_my_name_is_keyboard

hoaxshell

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

httpx

httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.

Image-metadata-extractor

Extracts image metadata.

interactsh-web

Web dashboard for Interactsh client

keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

SQLInjectionWiki

A wiki focusing on aggregating and documenting various SQL injection methods

SqlmapDnsCollaborator

Burp Extension that lets you use Burp Collaborator as a DNS server for exfiltrating data via Sqlmap

SUID3NUM

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

Supplementary-Material

updog

Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.

wfuzz

Web application fuzzer

wordpress-ajax-load-more

🔥 WordPress infinite scroll with Ajax Load More - the ultimate solution to add infinite scroll functionality to your WordPress powered website.

wordpress-xdebug

Wordpress with XDebug for Docker

wp-statistics

Complete WordPress Analytics and Statistics for your site!

XSS-CDN

XSS CDN

xss-payload-list

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

Zphisher-GUI-Back_office

A Zphisher GUI Back-Office Plugin