superkojiman

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

XSStrike

Most advanced XSS scanner.

pwntools

CTF framework and exploit development library

GTFOBins.github.io

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

windows-kernel-exploits

windows-kernel-exploits Windows平台提权漏洞集合

pwndbg

Exploit Development and Reverse Engineering with GDB Made Easy

Pwdb-Public

A collection of all the data i could extract from 1 billion leaked credentials from internet.

macro_pack

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

libc-database

Build a database of libc offsets to simplify exploitation

preeny

Some helpful preload libraries for pwning stuff.

CursedChrome

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

Interlace

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Invoke-SharpLoader

frida-boot

Frida Boot 👢- A binary instrumentation workshop, with Frida, for beginners!