Scalable Automated Adversary Emulation Platform

kunpeng是一个Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Awesome Python Security resources 🕶🐍🔐

Hacking Toolkit

🎯 Command Injection Payload List

Collection of small security tools created mostly in Python. CTFs, pentests and so on

🔎 shodansploit > v1.3.0

Web application vulnerability scanner

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯

Awesome .NET Security Resources

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

A friendly car security exploration tool for the CAN bus

PHP Security Check List [ EN ] 🌋 ☣️

secureCodeBox (SCB) - continuous secure delivery out of the box

NERVE Continuous Vulnerability Scanner

Fuzz your Rust code with Google-developed Honggfuzz !

Awesome Java Security Resources 🕶☕🔐

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

Custom memory allocator that helps discover reads from uninitialized memory

Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki

memory search and patch tool on debuggable apk without root & ndk

Metasploit Cheat Sheet 💣

This project intends to provide a series of tools to craft, parse, send, analyze and crack a set of LoRaWAN packets in order to audit or pentest the security of a LoraWAN infrastructure.

URL Abuse - A Versatile Software for URL review, analysis and black-list reporting

Find the ideal fuzz targets in a Rust codebase

See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)

用cel-go重现了长亭xray的poc检测功能的轮子