A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A swiss army knife for pentesting networks

Wrong project! You should head over to http://github.com/sshuttle/sshuttle

Create *beautiful* command-line interfaces with Python

Dshell is a network forensic analysis framework.

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Miscellaneous exploit code

Security Tool to Look For Interesting Files in S3 Buckets

The iOS Security Testing Framework

A framework for wireless pentesting.

Lightweight Python utilities for working with Redis

Exploits written by the Rhino Security Labs team

Poc, Presentation of Monitor OSD Exploitation, and shenanigans of high quality.

The 'exploitable' GDB plugin

BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source code.

Various PoCs

An exploit for Apache Struts CVE-2017-5638

Command-line Google dork tool. This is an early predecessor to dorkbot, which may be more useful: https://github.com/utiso/dorkbot

a command-line web scraping tool

A free and open source command-line shell and scripting language designed especially for security testing

The NoSQL Honeypot Framework

Basic script for monitoring new posts on Pastebin for keywords

Scans the local network to discover hosts, and automatically generates the user_config.xml file for Apache Guacamole.