A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

Single-file PHP shell

Padrões de commits

Reverse proxies cheatsheet

Authentication for the Web.

Modern CLI for exploring vulnerability data with powerful search, filtering, and analysis capabilities.

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

PDF Files for Pentesting

A high performance go implementation of Wappalyzer Technology Detection Library

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules thro…

php backdoors collection

🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Effective.

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, …

Check your WAF before an attacker does

Real-world infosec wordlists, updated regularly

All about bug bounty (bypasses, payloads, and etc)

Protect your web-application with Dynamic Style Loading and Real-Time Obfuscation. Easy to use!