Here, have some candy. Useful tools and cheat sheet for Captures The Flag (CTF) contests. And also for Computer Security in general.
☆68Dec 24, 2018Updated 7 years ago
Alternatives and similar repositories for CTF-Candy
Users that are interested in CTF-Candy are comparing it to the libraries listed below
Sorting:
- Visualizing Path Finding using A* algorithm☆14Nov 7, 2022Updated 3 years ago
- Collection of my slide decks, conference videos and research white papers☆27Sep 23, 2025Updated 5 months ago
- A Collection of Proof of Concepts for non-published Web Exploits and Common CVEs☆10Nov 29, 2020Updated 5 years ago
- Application Security Vulnerability Periodic Table☆14Aug 25, 2014Updated 11 years ago
- Prototype-Pollution-Lab to chain the vulnerabilities between multiple accounts.☆13Sep 11, 2021Updated 4 years ago
- It contain google dork to find the wsdl file.☆13May 27, 2020Updated 5 years ago
- A small pentesting lab for Azure☆10Apr 19, 2019Updated 6 years ago
- ☆24Jan 26, 2021Updated 5 years ago
- Collection of the cheat sheets useful for pentesting☆10May 11, 2018Updated 7 years ago
- A tool to check for response status codes with ease☆13Apr 29, 2023Updated 2 years ago
- ElasticSearch vulnerable scanner☆16Oct 6, 2019Updated 6 years ago
- Capture-The-Flag(CTF) toolkit☆11Jan 8, 2015Updated 11 years ago
- Collection of snippets for devtools.☆13Mar 17, 2021Updated 4 years ago
- ☆10Oct 30, 2019Updated 6 years ago
- A wrapper around jq, to help you parse jq output!☆30Aug 23, 2020Updated 5 years ago
- ☆15Apr 13, 2021Updated 4 years ago
- Security test tool for Blind XSS☆26Mar 5, 2020Updated 6 years ago
- This automation protect against subdomain takeover on AWS env which also send alerts on slack.☆12Aug 1, 2021Updated 4 years ago
- Filter writeups from ctftime.org by CATegories☆14Nov 4, 2019Updated 6 years ago
- ☆14Nov 29, 2019Updated 6 years ago
- ☆15Feb 5, 2022Updated 4 years ago
- Secrets detection based on regular expressions.☆22Apr 15, 2025Updated 10 months ago
- Everything about xss protection technology☆14Oct 22, 2019Updated 6 years ago
- Bug bounty bot for channel☆16Dec 10, 2022Updated 3 years ago
- A modular URL deduplication tool.☆19Feb 19, 2025Updated last year
- ⚡ Golang library for quick make pentest tools☆15Apr 7, 2025Updated 10 months ago
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆19Nov 18, 2019Updated 6 years ago
- Workflow for pentesting web applications.☆21Feb 19, 2019Updated 7 years ago
- A Mozilla Firefox extension which allows quick access to your google-dorking result☆19Jun 18, 2020Updated 5 years ago
- A Tool to find subdomains from hackerone reports.☆17Jun 23, 2021Updated 4 years ago
- HTTP Request Translator (hrt) translates raw HTTP requests to different scripts (bash, python, etc.)☆17Feb 24, 2017Updated 9 years ago
- All kind of frida stuff when needed in pentesting or reverse engineering of an android app - The perfect starter kit☆18Jun 2, 2020Updated 5 years ago
- WordPress Bruteforce List, Default paths and endpoints☆75May 14, 2022Updated 3 years ago
- 优质安全 list☆12Nov 22, 2017Updated 8 years ago
- XSS Payload without Anything.☆104Jun 28, 2019Updated 6 years ago
- Bug Bounty Dork☆72Feb 14, 2022Updated 4 years ago
- ☆18Sep 6, 2018Updated 7 years ago
- Takes a list of domains as the input, checks if they have a security.txt, outputs the results.☆16May 15, 2020Updated 5 years ago
- A tool to test working urls.☆43Nov 17, 2020Updated 5 years ago