GBounty is a multi-step website vulnerability scanner developed in Golang designed to help companies, pentesters, and bug hunters identify potential vulnerabilities in web applications.

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

A collection of Awesome Frida Scripts for MAPT

Ironsharp is a tool written in C# that detects CVEs caused by missing updates and privilege escalation vulnerabilities caused by misconfigurations on Windows OS.

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

iSMET (A)symmetric Meterpreter Encryption Tool

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Clone this repo to build Frida

A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems.

Swagger Socket: A REST over WebSocket

windows-kernel-exploits Windows平台提权漏洞集合

CVE-2019-0708-exploit

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…