surendirans7777

jadx

Dex to Java decompiler

radare2

UNIX-like reverse engineering framework and command-line toolset

Ciphey

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

h4cker

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.

DOMPurify

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

awesome-web-security

🐶 A curated list of Web Security materials and resources.

Cheatsheet-God

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

awesome-nodejs-security

Awesome Node.js Security resources

nmapAutomator

A script that you can run in the background!

Penetration-Testing-Tools

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

nginxpwner

Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.

KnowledgeSharing

clairvoyance

Obtain GraphQL API schema even if the introspection is disabled

jdwp-shellifier

remote-method-guesser

Java RMI Vulnerability Scanner

can-i-take-over-dns

"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones

AndroidPentest101

The motive to build this repo is to help beginner to start learn Android Pentesting by providing a roadmap.

nmaptocsv

A simple python script to convert Nmap output to CSV

nmap-converter

Python script for converting nmap reports into XLS

Vulnerable-OAuth-2.0-Applications

vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.

dnstrace

DNS resolution tracing tool

JWT4B

JWT Support for Burp

Pen-Andro

Script to Automate installtion of Apps ,frida server and moving Burpsuite certificate to root folder

Cheatsheets-1

Penetration Testing/Security Cheatsheets

InsecureShop

An Intentionally designed Vulnerable Android Application built in Kotlin.

Penetration-Testing-Cheat-Sheet

A guide to help people who are new to penetration testing and are looking to gain an overview of the penetration testing process. This guide will help anyone hoping to take the CREST CRT or Offensive Security's OSCP exam and will aim to cover each stage of compromising a host.

XXE-study

This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF rules / Secure Configuration settings.

PenetrationTesting_cheatsheet

Pentest-Cheat-Sheet

Cheat-Sheet of tools for penetration testing

file_upload_vulnerability_scenarios

This repository is a dockerized PHP application containing some file upload vulnerability challenges (scenarios).