This repo contains hourly-updated data dumps of Hackerone/Bugcrowd scopes that are eligible for reports

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

Tooling and commands for common red team and Infrastructure testing tasks

The toolbox of open source scanners - 安全行业从业者自研开源扫描器合辑

A list of infosec / hacking conferences in Asia Pacific

Add a badge to your app icon

The XSS Hunter service - a portable version of XSSHunter.com

A Powerful Subdomain Takeover Tool

Insecure programming functions database

PDF report generator for basic recon

Directory/file & DNS busting tool written in Go

Extension of sublister tool to check for subdomain takeovers

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

Wiki for Pentesting iOS apps

Searches full repo history for secrets and keys 🔑

Automated reconnaissance wrapper — TomNomNom's meg on steroids.

Copy as PowerShell request(s) plugin for Burp Suite

Simple lists that can help prevent cryptomining in the browser or other applications.

Respositoy of all my notes on infosec I have been building up over the years

A list of interesting payloads, tips and tricks for bug bounty hunters.

Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios

Collection of things made during my OSCP journey

Burp plugin able to find reflected XSS on page in real-time while browsing on site

This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010 AKA EternalBlue