A list of useful payloads and bypass for Web Application Security and Pentest/CTF

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Opiniated RAG for integrating GenAI in your apps 🧠 Focus on your product rather than the RAG. Easy integration in existing products with customisation! Any LLM: GPT4, Groq, Llama. Any Vectorstore: PGVector, Faiss. Any Files. Anyway you want.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

AI Native Data App Development framework with AWEL(Agentic Workflow Expression Language) and Agents

The authentication glue you need.

Daemon to ban hosts that cause multiple authentication errors

The Rogue Access Point Framework

Web path scanner

Exploitation Framework for Embedded Devices

Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

Scapy: the Python-based interactive packet manipulation program & library.

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Main Sigma Rule Repository

A free & open modern, fast email client with user-friendly encryption and privacy features

Low code web framework for real world applications, in Python and Javascript

People tracker on the Internet: OSINT analysis and research tool by Jose Pino