Top disclosed reports from HackerOne

A BugBounty playbook covering vulnerability bypasses, payloads, and quick checks for OWASP Top 10 + extras.

Contextual Content Discovery Tool

This project aims to maintain Wappalyzer technologies

HTTP Archive fork of Wappalyzer

CosmicSting (CVE-2024-34102)

Better structured concurrency for go

🚀 Fast, secure, lightweight containers based on WebAssembly

🐜🐜🐜 ants is the most powerful and reliable pooling solution for Go.

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

PowerSploit - A PowerShell Post-Exploitation Framework

☁️ Nextcloud server, a safe home for all your data

Rust Weaponization for Red Team Engagements.

在spring-aop中新发现的反序列化gadget-chain

Decompiler from Java bytecode to Java, used in IntelliJ IDEA.

Official repository containing files related to N1CTF 2025.

Find web directories without bruteforce

A conda-forge distribution.

Mamba SSM architecture

Userspace WireGuard® Implementation in Rust

A JavaScript Secret Finder tool.

A powerful browser crawler for web vulnerability scanners

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

Netcat for windows 32/64 bit

A byte code analyzer for finding deserialization gadget chains in Java applications

🐛 A list of writeups from the Google VRP Bug Bounty program

Cybersecurity oriented awesome list

PEDA - Python Exploit Development Assistance for GDB

latest version of scanners for IIS short filename (8.3) disclosure vulnerability