A list of useful payloads and bypass for Web Application Security and Pentest/CTF

😱 A curated list of amazingly awesome OSINT

Sample code for several design patterns in PHP 8.x

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Debugbar for Laravel (Integrates PHP Debug Bar)

IDE Helper for Laravel

PHP Image Processing

A tool to automatically fix PHP Coding Standards issues

A curated list of bookmarks, packages, tutorials, videos and other cool resources from the Laravel ecosystem

Associate users with roles and permissions

Laravel best practices

Fast subdomains enumeration tool for penetration testers

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

Scripted Local Linux Enumeration & Privilege Escalation Checks

RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data

The all-in-one browser extension for offensive security professionals 🛠

Linux privilege escalation auditing tool

8 Lessons, Kick-start Your Cybersecurity Learning.

Faker is a PHP library that generates fake data for you

Linux enumeration tool for pentesting and CTFs with verbosity levels

🎯 Command Injection Payload List

🤖 Telegram Bot API PHP SDK. Lets you build Telegram Bots easily! Supports Laravel out of the box.

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

A cheat sheet that contains advanced queries for SQL Injection of all types.

Single-file PHP shell

CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs

A PHP QR Code generator and reader with a user-friendly API.

Tools & Interesting Things for RedTeam Ops

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab