A list of useful payloads and bypass for Web Application Security and Pentest/CTF

ALL IN ONE Hacking Tool For Hackers

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Web path scanner

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

The recursive internet scanner for hackers. 🧡

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

Automated Adversary Emulation Platform

Useful tool to track location or mobile number

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

Study Notes For Web Hacking / Web安全学习笔记

The Network Execution Tool

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

Dark Web OSINT Tool