Starred repositories
A LLM explicitly designed for getting hacked
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Cloud Security Posture Management (CSPM)
Collections of Orange Tsai's public presentation slides.
Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.
Mastering Ethereum: 2nd Edition, by Andreas M. Antonopoulos, Gavin Wood, Carlo Parisi, Alessandro Mazza, Niccolò Pozzolini
Basics on commands/tools/info on how to assess the security of mobile applications
A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting
Fast and customizable subdomain wordlist generator using DSL
Mass scanner for the Java serialize bug
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
A curated list of various bug bounty tools
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
Run a docker container include hackazon, apache, and mysql
XVWA on LAMP base docker image