PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Dockerized version of Nexus Repo Manager 3

A tool for secrets management, encryption as a service, and privileged access management

SEO Tools for Laravel

Gospider - Fast web spider written in Go

dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.

Finds unknown classes of injection vulnerabilities

This Package helps developers to easily work with Jalali (Shamsi or Iranian) dates in php appliations, based on Jalali (Shamsi) DateTime class.

Simple to use root checking Android library and sample app

Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)

[WIP] Crappy iOS app analyzer

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

Android Shared preference wrapper than encrypts the values of Shared Preferences. It's not bullet proof security but rather a quick win for incrementally making your android app more secure.

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Find and verify secrets

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Android security guides, roadmap, docs, courses, write-ups, and teryaagh.

A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

A fast, simple, recursive content discovery tool written in Rust.

Take a list of domains and probe for working HTTP and HTTPS servers

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Accept URLs on stdin, replace all query string values with a user-supplied value