A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Write scalable load tests in plain Python 🚗💨

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA…

Fast subdomains enumeration tool for penetration testers

📱 objection - runtime mobile exploration

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

Coroutine-based concurrency library for Python

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

defeating the latest version of ReCaptcha with 91% accuracy

File upload vulnerability scanner and exploitation tool.

SMBMap is a handy SMB enumeration tool

A complete test automation tool

Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information.

Easy files and payloads delivery over DNS

NoobSecToolkit is a Python Based Tool kit that brings together powerful security and anonymity tools and scripts with predefined security configurations and modifications. Making it very simple for…