An easy-to-use advanced ASCII art generator for free!

A cross-platform command-line tool to convert images into ascii art and print them on the console. Now supports braille art!

🏞️ A command-line tool for converting images to ASCII art

smbclient-ng, a fast and user friendly way to interact with SMB shares.

american fuzzy lop - a security-oriented fuzzer

Mirror of Shadowbrokers release from https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation

Custom firmware for the HackRF PortaPack H1/H2/H4

Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

Port of Samy Kamkar's MagSpoof project (http://samy.pl/magspoof/) to the Flipper Zero. Enables wireless emulation of magstripe data, primarily over GPIO, with additional experimental internal TX.

Tools and Techniques for Red Team / Penetration Testing

What the name says....

BTSM (Behind-the-Scenes Manipulation) Payloads PoC

A collection of Encoded Payloads from the Community both for Hak5 & BadUSB Devices

Network-based Startup Module Framework (Network Dropper)

RPT (REDDs Pentesting Tools) Installer unlocks the native Arch Linux Package Manager on the Steam Deck's SteamOS & Installs a few Tools.

WebGoat is a deliberately insecure application

The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]

Automated & Manual Wordlists provided by Assetnote

Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.

Remote CLI tools at your fingertips

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way …

Fast subdomains enumeration tool for penetration testers

Protect and discover secrets using Gitleaks 🔑

This tool use fuuzzing to try to bypass unknown authentication methods, who knows...