Stars
The most powerful CRLF injection (HTTP Response Splitting) scanner.
A collection of hacker tools using HackerOne's API
The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud rev…
VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, …
ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.
Check NTLM password hashes against haveibeenpwned list
Cross-site scripting labs for web application security enthusiasts
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by…
A collection of various awesome lists for hackers, pentesters and security researchers
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileg…
⚡ Dynamically generated stats for your github readmes
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Capture The Flag | HackTheBox | OSCP | Bug Bounty Hunting | Jobs
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Automation for internal Windows Penetrationtest / AD-Security
Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Deployment Manager samples and templates.
Python Fire is a library for automatically generating command line interfaces (CLIs) from absolutely any Python object.
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.