frank-leitner

portswigger-websecurity-academy

Writeups for PortSwigger WebSecurity Academy

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

frank-leitner

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

tryhackme

Write-ups for TryHackMe rooms

linux-smart-enumeration

Linux enumeration tool for pentesting and CTFs with verbosity levels

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

Arjun

HTTP parameter discovery suite.

bash-it

A community Bash framework.

bashdot

Minimalist dotfile management framework.

dns-exfil

A program to exfiltrate files from a computer using the DNS

Dwarf-Therapist

Dwarf management tool for Dwarf Fortress

ffuf

Fast web fuzzer written in Go

github-readme-stats

:zap: Dynamically generated stats for your github readmes

GTFOBins.github.io

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

hashes

Magic hashes – PHP hash "collisions"

ILSpy

.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!

LaZagne

Credentials recovery project

legion

Legion is an open source, easy-to-use, super-extensible and semi-automated network penetration testing tool that aids in discovery, reconnaissance and exploitation of information systems.

liffy

Local file inclusion exploitation tool

mimikatz

A little tool to play with Windows security

Mules-and-Warehouses-Extended

Compliation and Maintenace for the famous mule mods.

MUStARD

Multimodal Sarcasm Detection Dataset

nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

privilege-escalation-awesome-scripts-suite

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

pupy

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

smtp4dev

smtp4dev - the fake smtp email server for development and testing

snap7

Snap7 is an open source, 32/64 bit, multi-platform Ethernet communication suite for interfacing natively with Siemens S7 PLCs.

ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

ysoserial.net

Deserialization payload generator for a variety of .NET formatters