PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.

CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with minimum configuration and no coding effort. Tests are self-heali…

JMX enumeration and attacking tool.

MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.

A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementing page protection changes during no execution.

A python script to scan for Apache Tomcat server vulnerabilities.

Open source 5G core network based on 3GPP R15

Script with several tools to brute force garages, hack radio stations and capture and analyze radio signals with Raspberry Pi

General "driver" for GSM modules in embedded linux

Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems

fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.

A blazing fast™ multithreaded ROP Gadget finder. ropper / ropgadget alternative (currently x86 only)

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

🔍 Github CVE POC 信息监控推送 🚀

Evildork targeting your fiancee👁️

A workshop about Malware Development

Abusing autoElevate - Fully Undetectable UAC Bypass exploit

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advan…

SigFramework it's a modified version of SiGploit

Wi-Fi Exploitation Framework

The most powerful CRLF injection (HTTP Response Splitting) scanner.

FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads

x86 malware emulator

Drone Hacking Tool is a GUI tool that works with a USB Wifi adapter and HackRF One for hacking drones.

The Deepfake Offensive Toolkit

Nuclei plugin for BurpSuite

A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)

Cross-platform library for sending raw APDU T=0 or T=1 messages to smart cards. Superseded by https://github.com/tomasz-lisowski/scraw