aPatinthehat

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

dirsearch

Web path scanner

unredacter

Never ever ever use pixelation as a redaction technique

objection

📱 objection - runtime mobile exploration

iodine

Official git repo for iodine dns tunnel

Active-Directory-Exploitation-Cheat-Sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

merlin

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

mitmproxy2swagger

Automagically reverse-engineer REST APIs via capturing traffic

megabasterd

Yet another unofficial (and ugly) cross-platform MEGA downloader/uploader/streaming suite.

patator

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

dnscat2

vulnerable-AD

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

dostackbufferoverflowgood

xortool

A tool to analyze multi-byte xor cipher

firmware-analysis-toolkit

Toolkit to emulate firmware and analyse it for security vulnerabilities

SharpUp

SharpUp is a C# port of various PowerUp functionality.

Zeratool

Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems

Raccine

A Simple Ransomware Vaccine

diva-android

DIVA Android - Damn Insecure and vulnerable App for Android

PyExfil

A Python Package for Data Exfiltration

gr-lora

GNU Radio blocks for receiving LoRa modulated radio messages using SDR

hat

HAT (Hashcat Automation Tool) - An Automated Hashcat Tool for common wordlists and rules to speed up the process of cracking hashes during engagements. Created for Linux based systems

Collabfiltrator

Exfiltrate blind remote code execution output over DNS via Burp Collaborator.

Research

My personal repository for findings and things to remember

rootend

A *nix Enumerator & Auto Privilege Escalation tool.

AutoDroid

A tool for automating interactions with Android devices - including ADB, AndroGuard, and Frida interactivity.

VTgrepGHIDRA

shall

A CLI and REPL for invoking shell scripts or commands with multiple POSIX-like shells for portability testing.