Stars
A curated list of MCP servers for bug bounty.
A complete, beginner-friendly bug bounty roadmap that takes you from zero experience to earning your first bounty.
A collection of Azure AD/Entra tools for offensive and defensive security purposes
Pre-Built Vulnerable Environments Based on Docker-Compose
Automated & Manual Wordlists provided by Assetnote
h4x0r-dz / BypassFuzzer
Forked from intrudir/BypassFuzzerFuzz 401/403/404 pages for bypasses
Check the CSP of the current website against a list of known bypasses.
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
A command line Curses based json viewer and tabulator
Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
Subdomains analysis and generation tool. Reveal the hidden!
PortSwigger / autowasp
Forked from GovTech-CSG/AutowaspBurpSuite Extension: A one-stop pen testing checklist and logger tool
Automation for internal Windows Penetrationtest / AD-Security
Reverse Engineering materials for bootcamp 2020
Automation for javascript recon in bug bounty.
A high performance offensive security tool for reconnaissance and vulnerability scanning
VHostChecker takes a csv list of targets in the form of domain,ip,port and runs 4 seperate connection checks to get a quick sense of how the target handles Host Header changes.
Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall to dump in-memory PE files and reconstruct imports.
List of Awesome Red Teaming Resources
Tool for advanced mining for content on Github
Reconnaissance tool for GitHub organizations
A tool to capture all the git secrets by leveraging multiple open source git searching tools