Modlishka is a powerful, open-source reverse proxy tool that allows users to intercept and manipulate HTTP traffic, making it an ideal solution for penetration testers, security researchers, and developers to analyze and test web applications. With Modlishka, users can easily set up a reverse proxy server to intercept and modify HTTP requests and responses, enabling them to identify vulnerabilities, test web application security, and develop custom security tools. The tool provides a flexible and customizable framework for building custom proxy servers, making it an essential tool for anyone involved in web application security testing and development.
FEATURES
ALTERNATIVES
A tool that simplifies the installation of tools and configuration for Kali Linux
Alpha release of External C2 framework for Cobalt Strike with enhanced data channels.
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
A reconnaissance tool that retrieves information from Office 365 and Azure Active Directory using a valid credential.
Weaponizing Kerberos protocol flaws for stealthy attacks on domain users.
Wfuzz is a tool designed for bruteforcing Web Applications with multiple features like multiple injection points, recursion, and payload combinations.
A macOS Initial Access Payload Generator for penetration testing and red teaming exercises.
CredMaster enhances password spraying tactics with IP rotation to maintain anonymity and efficiency.
PINNED

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.