Stars
Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
A list of resources for those interested in getting started in bug bounties
A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF
Automate dorking while doing bug bounty or other stuffs.
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
An intentionally designed broken web application based on REST API.
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Git All the Payloads! A collection of web attack payloads.
Open-source, cross platform Qt based IDE for reverse-engineering Android application packages.
Ghidra is a software reverse engineering (SRE) framework
🔥 Web-application firewalls (WAFs) from security standpoint.
An example Node.js Relying Party implementation of the WebAuthn specification
An archive of low-level CTF challenges developed over the years
Extracting URLs of a specific target based on the results of "commoncrawl.org"
This tool can be used to brute discover GET and POST parameters
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
A python script that finds endpoints in JavaScript files
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
This repository holds all the list of advanced XSS payloads that can be used in penetration testing. These payloads can be loaded into XSS scanners as well.
A cross-platform note-taking & target-tracking app for penetration testers.