Curated collection of bug bounty notes and tutorials in one place. Visit the link below to view the docs.

running on your server for blind testing

Sistema de notas propositalmente vulnerável para educação em segurança cibernética e testes de penetração - contém 12+ vulnerabilidades web intencionais (SQL Injection, XSS, Path Traversal, Command Injection, etc.)

A practical tool to track and manage web app security tests.

A minimalist and fast app to take notes and analyze them.

The official DSC-RIT Bug Bounty 2020 codes.

🌐 Check domain availability easily with this Node.js tool using the GoDaddy API for fast, simple searches of short domain combinations.

Firefox extension that detects reflected strings or regex patterns in the live DOM of web pages

Echo JS - JS Path Tracker

small and simple tool for generating a list and searching for Google Dork to identify leaked files and save the scan result. Useful tools for Bug Bounty

Chrome extension to scrape Shodan host & domain pages and export IPs, ports, subdomains, and DNS records.

Active Recon Framework Web Management

Social Network for hackers, pentesters, and bug hunters

Blog for computer stuffs and whatnot.

The "Hacksmith Shop" Vulnerable Web Application

Contains security vulnerabilities payloads and exploits that I come across or use

Lab to understand and test SSRF attacks

npm PoC packages