all public threat feeds

Parser for data dumps Collection #1 / Collection #2-5

Find, verify, and analyze leaked credentials

Metasploit Framework

Python software that reads zone files, extract NS records, and detect cyclic dependencies

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

10 Weeks, 20 Lessons, Data Science for All!

12 Weeks, 24 Lessons, IoT for All!

24 Lessons, 12 Weeks, Get Started as a Web Developer

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

Apache Log4j 远程代码执行

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Finds Directory Listings or open S3 buckets from a list of URLs

Scanner for Cross-Site WebSocket Hijacking

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

A list of resources for those interested in getting started in bug bounties

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

A script to set up a quick Ubuntu 17.10 x64 box with tools I use.

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Fetch information about a public Google document.

Most advanced XSS scanner.

The XSS Hunter service - a portable version of XSSHunter.com

Find broken links, missing images, etc within your HTML.

Find AWS S3 buckets and test their permissions.