{{ message }}
Automatic SQL injection and database takeover tool
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
API, CLI, and Web App for analyzing and finding a person's profile in +1000 social media \ websites
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
A collection of hacking tools, resources and references to practice ethical hacking.
Web path scanner
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Can we have a feature where a normal brute force is running based on HTTP response like 403/401 do a recursive brute force on that endpoint?
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
RustScan has an accessible mode, rustscan --accessible which should promise not to have any weird ASCII text in it.
Write CI that runs RustScan with --accessible a few times, with different flags / options and check the terminal output to see if it contains one of these:
[!][~][>]| {}If any of these characters appear in any of the tests, fail the CI. E
I testing bruteforce my opencart store.
this is body request:
-----------------------------34237939373614592773956005873
Content-Disposition: form-data; name="username"
^USER^
-----------------------------34237939373614592773956005873
Content-Disposition: form-data; name="password"
^PASS^
-----------------------------34237939373614592773956005873
Content-Disposition: form-dat
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Directory/File, DNS and VHost busting tool written in Go
A swiss army knife for pentesting networks
Attack Surface Management Platform | Sn1perSecurity LLC
Web Pentesting Fuzz 字典,一个就够了。
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
What and where?
Please give the broken URL. Where is the link located?
Would you like to be assigned to this issue?
Check the box if you will submit a PR to fix this issue. Please read CONTRIBUTING.md.
-KONG [ ] Assign me, please!
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
This is a multi-use bash script for Linux systems to audit wireless networks.
Hey, here we need add url decoding cuz that invalid link with symbols of get request like ?, &, = etc
p.s thx for awesome tool
A Workflow Engine for Offensive Security
Next generation web scanner
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Collaborative Penetration Test and Vulnerability Management Platform
Automated All-in-One OS Command Injection Exploitation Tool.
The LAZY script will make your life easier, and of course faster.
Add a description, image, and links to the pentesting topic page so that developers can more easily learn about it.
To associate your repository with the pentesting topic, visit your repo's landing page and select "manage topics."
Hey Hackers of this spoopy month!👻
Welcome to the Ciphey repo(s)!
This issue requires you to add a decoder.
This wiki section walks you through EVERYTHING you need to know, and we've added some more links at the bottom of this issue to detail more about the decoder.
https://github.com/Ciphey/Ciphey/wiki#adding-your-own-crackers--decoders
https://www.dcode.fr/t9-cipher
https://en.wikipe