omerkpnk's Stars
barisbaydur/ulfr
The most powerful Blind XSS tool of the universe.
streaak/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
ivan-sincek/ios-penetration-testing-cheat-sheet
Work in progress...
fullhunt/log4j-scan
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
majd/ipatool
Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store
michenriksen/gitrob
Reconnaissance tool for GitHub organizations
newbit1/rootAVD
Script to root AVDs running with QEMU Emulator from Android Studio
barisbaydur/waybackurls
Bring all the URLs that the Wayback machine knows for one or more domain names.
ferreiraklet/Jeeves
Jeeves SQLI Finder
t3l3machus/psudohash
Generates millions of keyword-based password mutations in seconds.
vladko312/SSTImap
Automatic SSTI detection tool with interactive interface
Ch0pin/medusa
Binary instrumentation framework based on FRIDA
botesjuan/Burp-Suite-Certified-Practitioner-Exam-Study
Burp Suite Certified Practitioner Exam Study
oversecured/ovaa
Oversecured Vulnerable Android App
ruveydaeto/admipanel-tailwind
paragonie/awesome-appsec
A curated list of resources for learning about application security
maddiestone/AndroidAppRE
Android App Reverse Engineering Workshop
fastfire/deepdarkCTI
Collection of Cyber Threat Intelligence sources from the deep and dark web
Dheerajmadhukar/4-ZERO-3
403/401 Bypass Methods + Bash Automation + Your Support ;)
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
gwen001/cloudflare-origin-ip
Try to find the origin IP of a webapp protected by Cloudflare.
talha/crash_monitor
Basic fuzzing instrumentation for windows processes.
radareorg/radare2
UNIX-like reverse engineering framework and command-line toolset
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
kernelkel/Kerberpreter
tennc/webshell
This is a webshell open source project
rougier/neural-networks
Artificial Neural Networks / Python
volkandindar/agartha
A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations, while also converting HTTP requests to JavaScript for enhanced XSS exploitation.
cyberguideme/Tools
Cyber Security Tools
tomnomnom/httprobe
Take a list of domains and probe for working HTTP and HTTPS servers