List of Awesome Red Team / Red Teaming Resources This list is for anyone wishing to learn about Red Teaming but do not have a starting point.

GarudRecon automates domain recon with top open-source tools to discover assets, enumerate subdomains, and detect XSS, SQLi, LFI, RCE & more.

Autoswagger by Intruder - detect API auth weaknesses

Main repository for the Linera protocol

React component library for onchain applications - See README for modern alternatives

Ink Documentation

How to run an Ink Node

Web recon script. No need to fear, sumrecon is here!

EPSS & VEDAS Score Aggregator for CVEs

LFI to RCE via phpinfo() assistance or via controlled log file

Search for all leaked keys/secrets using one regex! bugbounty

The trust-minimized, zero-knowledge bridging protocol, designed for censorship resistance, extremely high security, and usage in decentralized finance.

Find subdomains on GitLab.

Shardeum is an EVM based autoscaling blockchain

CSP-Stalker is a Python-based CLI tool that extracts apex domains from CSP headers, fetches subdomains using the MerkleMap API, and resolves subdomains into IP addresses.

recon for bug hunters

List of Stuff I did to get through the OSCP :D

AI Security tool to deobfuscate and find any potential vulnerabilities in android apps.

A fast subdomain takeover tool

Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709

Graphing SBOM's Fast.

iOS and macOS Decompiler

A simple tool to interact with web shells and command injection vulnerabilities