#
Starred repositories
📡 PoC auto collect from GitHub.
Collection of Cyber Threat Intelligence sources from the deep and dark web
The recursive internet scanner for hackers. 🧡
Community generated list of API security tests to find OWASP top10, HackerOne top 10 vulnerabilities
A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.
The Patterns of Scalable, Reliable, and Performant Large-Scale Systems
pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching
Bypass 4xx HTTP response status codes and more. The tool is based on Python Requests, PycURL, and HTTP Client.
Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.
🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Effective.
🐶 A curated list of Web Security materials and resources.
A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
A pentest reporting tool written in Python. Free yourself from Microsoft Word.
An enterprise friendly way of detecting and preventing secrets in code.
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Golang tool which helps dropping the irrelevant entries from your ffuf result file.
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
Maintained collection of OSINT related resources. (All Free & Actionable)
An step by step fuzzing tutorial. A GitHub Security Lab initiative