zetc0de's Stars
majd/ipatool
Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store
dionach/CMSmap
CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
palera1n/palera1n
Jailbreak for A8 through A11, T2 devices, on iOS/iPadOS/tvOS 15.0, bridgeOS 5.0 and higher.
HavocFramework/Havoc
The Havoc Framework
google/oss-fuzz
OSS-Fuzz - continuous fuzzing for open source software.
code-scan/NexusHack
Nexus Repository Hacker,nexus docker repository downloader
sottlmarek/DevSecOps
Ultimate DevSecOps library
DevSecAS/CobaltStr4.5
Cobalt Strike 4.5 cracked version.
0xJDow/rogue-mysql-server
Modified version of the 'rogue-mysql-server.py' script from https://landgrey.me/blog/11/ to exploit JDBC connection string deserialization. All credit to the original author.
synacktiv/HopLa
HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
adeyosemanputra/pygoat
intentionally vuln web Application Security in django
assetnote/kiterunner
Contextual Content Discovery Tool
BlackFan/client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
filedescriptor/untrusted-types
atthacks/RunAsUser
This tool allows you to run programs as another user from the Windows command line. Example usage is if you have a low privilege shell and find credentials for another user. You can then execute a program as that other user.
hfiref0x/UACME
Defeating Windows User Account Control
HackTricks-wiki/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
apenwarr/sshuttle
Wrong project! You should head over to http://github.com/sshuttle/sshuttle
dstotijn/hetty
An HTTP toolkit for security research.
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
wahyuhadi/Nodejs-Common-Attack
Nodejs , Attack
wahyuhadi/gorm-sqlInjection
sidaf/homebrew-pentest
Homebrew Tap - Pen Test Tools
vsec7/xkeys
Extract Sensitive Keys, Secret, Token Or Interested thing from source
snoopysecurity/OSCE-Prep
A list of freely available resources that can be used as a prerequisite before taking OSCE.
jtpereyda/boofuzz
A fork and successor of the Sulley Fuzzing Framework
Th3D4rK0ne/BloodHound
Six Degrees of Domain Admin
PDKT-Team/ctf
CTF write-ups by PDKT team with English and Indonesian language
NgeSEC/SecStory
SecStory (Security Story) adalah buku digital yang berisi kumpulan donasi cerita, ditulis oleh para pemangku kepentingan keamanan siber di Indonesia.