p4p1
"/><img src="https://xss.leosmith.wtf/api/SSTn5REwp/pic" onerror="alert(document.domain)" />
leosmith.wtfCachan
p4p1's Stars
awesome-selfhosted/awesome-selfhosted
A list of Free Software network services and web applications which can be hosted on your own servers
trimstray/the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
Lissy93/web-check
🕵️♂️ All-in-one OSINT tool for analysing any website
pyscript/pyscript
PyScript is an open source platform for Python in the browser. Try PyScript: https://pyscript.com Examples: https://tinyurl.com/pyscript-examples Community: https://discord.gg/HxvBtukrg2
rupa/z
z - jump around
s0md3v/XSStrike
Most advanced XSS scanner.
htr-tech/zphisher
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
Flipper-XFW/Xtreme-Firmware
The Dom amongst the Flipper Zero Firmware. Give your Flipper the power and freedom it is really craving. Let it show you its true form. Dont delay, switch to the one and only true Master today!
HavocFramework/Havoc
The Havoc Framework
j3ssie/osmedeus
A Workflow Engine for Offensive Security
s0md3v/Arjun
HTTP parameter discovery suite.
commixproject/commix
Automated All-in-One OS Command Injection Exploitation Tool.
hahwul/dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
nicocha30/ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
devanshbatham/ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
gtworek/Priv2Admin
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
1ndianl33t/Gf-Patterns
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
BiZken/PhishMailer
Generate Professional Phishing Emails Fast And Easy
mttaggart/OffensiveNotion
Notion as a platform for offensive operations
kleo/evilportals
A collection of captive portals for phishing using a WiFi Pineapple
KathanP19/Gxss
A tool to check a bunch of URLs that contain reflecting params.
ProcessusT/HEKATOMB
Hekatomb is a python script that connects to LDAP directory to retrieve all computers and users informations. Then it will download all DPAPI blob of all users from all computers and uses Domain backup keys to decrypt them.
raoshaab/Pen-Andro
Script to Automate installtion of Apps ,frida server and moving Burpsuite certificate to root folder
PortSwigger/autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
CosmodiumCS/MK01-OnlyRAT
OnlyRAT is the only RAT you'll ever need. We will be able to use this tool to remotely command and control windows computers.Once installed we will have remote administrative access to our target that we can connect to through Python console on our attacker pc. The onlyrat console has plenty of payloads we can then use on our target.
cool4uma/UART_Terminal
Uart terminal for Flipper Zero
ivan-sincek/evil-twin
Learn how to set up a fake authentication web page on a fake WiFi network.
Jcw87/c2-smb1
Super Mario Bros Clone
Cipher7/OSEP
My Personal Notes of OSEP
war-and-code/burp-site-map-to-csv
Burp Suite plugin to export the sitemap to CSV.