A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
Updated
Dec 4, 2024 - Python
Hacking refers to the practice of gaining unauthorized access to data in a system or computer. This topic encompasses various forms of hacking, including black-hat and grey-hat hacking, which involve malicious or non-malicious intent. It explores the tools and techniques used by hackers, the motivations behind hacking, and the measures organizations can take to protect themselves.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
ALL IN ONE Hacking Tool For Hackers
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Web path scanner
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
People tracker on the Internet: OSINT analysis and research tool by Jose Pino
The recursive internet scanner for hackers. 🧡
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
Automated Adversary Emulation Platform
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
Study Notes For Web Hacking / Web安全学习笔记
Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).
The Network Execution Tool
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。