Collection of cheat sheets useful for pentesting

All in One Recon Tool for Bug Bounty

Tips and Tutorials for Bug Bounty and also Penetration Tests.

BBT - Bug Bounty Tools

A tool to dump a git repository from a website

Checklist of the most important security countermeasures when designing, testing, and releasing your API

🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

A curated list of hacking environments where you can train your cyber skills legally and safely

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.

Pastebin OSINT Harvester

DIVA Android - Damn Insecure and vulnerable App for Android

A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "wr…

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automa…

API pwndb