The OpenTF Manifesto expresses concern over HashiCorp's switch of the Terraform license from open-source to the Business Source License (BSL) and calls for the tool's return to a truly open-source …

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Some setup scripts for security research tools.

A fast and stealthy credential harvester

PowerSploit - A PowerShell Post-Exploitation Framework

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

MeterSSH is a way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection. The way it works is by injec…

ClamAV - Documentation is here: https://docs.clamav.net

A full modbus protocol written in python

The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb

A little tool to play with Windows security

Automatic SQL injection and database takeover tool

Snoopy: A distributed tracking and data interception framework

Offensive DNS server

Patch Binaries via MITM: BackdoorFactory + mitmProxy.

Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors

A public list of URLs generally useful to webapp testers and pentesters

PwnWiki - The notes section of the pentesters mind.

CTF Wiki - http://ctf.forgottensec.com/wiki/index.php

Metasploit Framework

Collection of Proof of Concepts and Potential Targets for #ShellShocker