A list of useful payloads and bypass for Web Application Security and Pentest/CTF

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Opiniated RAG for integrating GenAI in your apps 🧠 Focus on your product rather than the RAG. Easy integration in existing products with customisation! Any LLM: GPT4, Groq, Llama. Any Vectorstore: PGVector, Faiss. Any Files. Anyway you want.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Set up a personal VPN in the cloud

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

The authentication glue you need.

AI Native Data App Development framework with AWEL(Agentic Workflow Expression Language) and Agents

Daemon to ban hosts that cause multiple authentication errors

The Rogue Access Point Framework

Web path scanner

Exploitation Framework for Embedded Devices

Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

Scapy: the Python-based interactive packet manipulation program & library.

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Main Sigma Rule Repository

🛡️ Open-source and next-generation Web Application Firewall (WAF)

Low code web framework for real world applications, in Python and Javascript