A very minimal, resource efficient exo-kernel

Hobbyist operating system project for the PC with graphical user interface, multitasking, ACPI, and more to come, written entirely in assembly.

A barebones framework for a rust kernel.

unix-like reverse engineering framework and commandline tools

WebApp Information Gatherer

Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers

The OWASP ZAP core project

Web recon tool (find temporary files, parse robots.txt, search some folders, google dorks and search domains hosted on same server)

Capstone disassembly/disassembler framework: Core (Arm, Arm64, M68K, Mips, PPC, Sparc, SystemZ, X86, X86_64, XCore) + bindings (Python, Java, Ocaml)

Pupy is an opensource, multi-platform (Windows, Linux, OSX, Android), multi function RAT (Remote Administration Tool) mainly written in python. It features a all-in-memory execution guideline and l…

Automated All-in-One OS Command Injection and Exploitation Tool

Multi-purpose pentest framework

Collaborative Penetration Test and Vulnerability Management Platform

A hacky debugger UI for hackers

The Router Exploitation Framework

Efficient and advanced man in the middle framework

CodexGigas malware DNA profiling search engine discovers malware patterns and characteristics assisting individuals who are attracted in malware hunting.

The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

htcap is a web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls and DOM changes.

This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

Python Decoders for Common Remote Access Trojans

Demos of various techniques found in malware

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Automatic Server-Side Template Injection Detection and Exploitation Tool

📂 🐇 🎩 See what a program does before deciding whether you really want it to happen.

GoLismero - The Web Knife

PEDA - Python Exploit Development Assistance for GDB

DNS Recon | Brute Forcer | DNS Zone Transfer | DNS Wild Card Checks | DNS Wild Card Brute Forcer | Email Enumeration | Staff Enumeration | Compromised Account Checking