This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…

(Formerly Solium) Code quality & Security Linter for Solidity

Game Boy and Game Boy Color emulator written in C

A Unix-style personal search engine and web crawler for your digital footprint.

A collection of awesome penetration testing resources, tools and other shiny things

A curated list of awesome OSCP resources

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

You like pytorch? You like micrograd? You love tinygrad! ❤️

Log Anomaly Detection - Machine learning to detect abnormal events logs

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Try to detect HTTP desync attack (https://portswigger.net/blog/http-desync-attacks-request-smuggling-reborn)

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

A list of interesting payloads, tips and tricks for bug bounty hunters.

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

Fast and customizable vulnerability scanner based on simple YAML based DSL.

This script is intended to automate your reconnaissance process in an organized fashion

BountyDash is a tool to combine your rewards from all platforms, giving you insights about your progress and bug hunting patterns.

Panoptic is an open source penetration testing tool that automates the process of search and retrieval of content for common log and config files through path traversal vulnerabilities.

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Chrome extension Exploitation Framework

Automatted Purple Team Script

A Python implementation of a system to try and detect malicious SQL queries via both a blacklist and whitelist approach.

Exploitation for XSS

Browser-based frontend to gdb (gnu debugger). Add breakpoints, view the stack, visualize data structures, and more in C, C++, Go, Rust, and Fortran. Run gdbgui from the terminal and a new tab will …

a collection of handy bookmarks

Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers