Volatility 3.0 development

Dirty COW

A curated list of tools for incident response

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Web Application Penetration Testing Methodology

Caido plugin integration with the Pwnfox browser extension

Here Are Some Popular Hacking PDF

recon for bug hunters

Three complete IT / Cybersecurity resume for the following job roles: Systems Administration, SOC Analyst, & Penetration Tester.

Source code for Hacker101.com - a free online web and mobile security class.

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!

Access large language models from the command-line

Identify changes made to a filesystem made by a malicious file

A Linux version of the Procmon Sysinternals tool

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

A collection of AWS penetration testing junk

A curated list of resources for learning about application security

Automated HTTP Request Repeating With Burp Suite

World's fastest and most advanced password recovery utility

My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.

Damn Vulnerable Web Application (DVWA)

Web app that provides basic navigation and annotation of ATT&CK matrices

Open-source vulnerability disclosure and bug bounty program database

Utilities for MITRE™ ATT&CK

HackBar plugin for Burpsuite

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules thro…

Another way to bypass WAF Cheat Sheet (draft)