A list of useful payloads and bypass for Web Application Security and Pentest/CTF

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Impacket is a collection of Python classes for working with network protocols.

Pythonic HTML Parsing for Humans™

match command-line arguments to their help text

Record terminal sessions as SVG animations

Come and join us, we need you!

📱 objection - runtime mobile exploration

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

Linux 内核揭秘

open-source jailbreaking tool for many iOS devices

A hacky debugger UI for hackers

PEDA - Python Exploit Development Assistance for GDB

A True Instrumentable Binary Emulation Framework

Scalable fuzzing infrastructure.

Windows GUI Automation with Python (based on text properties)

The FLARE team's open-source tool to identify capabilities in executable files.

【deepin源移植】Debian/Ubuntu上的QQ/微信快速安装方式

《计算机网络－自顶向下方法(原书第6版)》编程作业，Wireshark实验文档的翻译和解答。

Google CTF

The Leading Security Assessment Framework for Android.

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.

Python library & console tool for controlling Xiaomi smart appliances

Diaphora, the most advanced Free and Open Source program diffing tool.

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…

Symbolic execution tool

Reverse engineering framework in Python

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

PyInstaller Extractor