Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

Checklist for container security - devsecops practices

Awesome information for WebSockets security research

A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigating security risks.

Extension to log iframe and cross window communications.

Security Remediation Guides

BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔

A web interface for Apache Cassandra

Spring4Shell reproduce

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

DNS-Shell is an interactive Shell over DNS channel

Web Attack Cheat Sheet

💣 Impulse Denial-of-service ToolKit

External monitoring for organization assets

An open-source domain monitoring tool built using Maelstrom 🤖 Uptime Robot + 🧐 Oh Dear + 🧪 SSL Labs + ⏰ Cronitor + 🕵🏻‍♂️ DNS Spy

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

An experimentation and research platform to investigate the interaction of automated agents in an abstract simulated network environments.

Links for the OSINT Team

😱 A curated list of amazingly awesome OSINT

😎 Awesome lists about all kinds of interesting topics

🥧 Savoury implementation of the QUIC transport protocol and HTTP/3

Application Layer Tunnel

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be…

Go process used to crawl websites

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Reconnaissance tool for GitHub organizations

Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's your very own discovery side kick, the Dr. Watson to your Sher…