GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Official OWASP Top 10 Document Repository

A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.

A wiki focusing on aggregating and documenting various SQL injection methods

CSPBypass.com, a tool designed to help ethical hackers bypass restrictive Content Security Policies (CSP) and exploit XSS (Cross-Site Scripting) vulnerabilities on sites where injections are blocke…

WebAppSec Content Security Policy

boostsecurityio/lotp

Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide