A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

Bambdas collection for Burp Suite Professional and Community.

A list of Blockchain Security audit companies, solo auditors and location of public audits.

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.

Oneliner Bug Bounty Collection collected from GitHub to all bug bounty hunters

Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.

TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines for eight different programming languages.

This repository contains my writeups for the labs in PortSwigger's Web Security Academy platform. Each lab writeup includes the lab's name, description, and my step-by-step solution, as well as any…

A vulnerable RESTful application written in Node and React based on OWASP API security top 10 2023 edition.

A curated list of GPT agents for cybersecurity

🎯 PHP / ASP - Shell Backdoor List 🎯

Most usable tools for iOS penetration testing

Docker Remote API Scanner and Exploit

BChecks collection for Burp Suite Professional

Social Media OSINT collection containing - tools, techniques & tradecraft.

List of Awesome CobaltStrike Resources

A simple script just made for self use for bypassing 403

🕵️‍♂️ All-in-one OSINT tool for analysing any website

Awesome list of keywords for Threat Hunting sessions

An OSINT tool that helps detect members of a company with leaked credentials

openrisk is a tool that generates a risk score based on the results of a Nuclei scan.

Useful resources for iOS hacking

You just found a hidden gem 💎 This repo contains a massive amount (8000+) of WordPress related Nuclei templates. Updated daily!

RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers (CSPs)

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.