Stars
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
This project crawls bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) hourly and dumps them into the bounty-targets-data repo
Hunt down social media accounts by username across social networks
TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things
Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.
In-depth attack surface mapping and asset discovery
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
Find, verify, and analyze leaked credentials
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Full reference of LinkedIn answers 2024 for skill assessments (aws-lambda, rest-api, javascript, react, git, html, jquery, mongodb, java, Go, python, machine-learning, power-point) linkedin excel t…
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
Fast passive subdomain enumeration tool.
Here I gather all the resources about hacking that I find interesting
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.
30 days of JavaScript programming challenge is a step-by-step guide to learn JavaScript programming language in 30 days. This challenge may take more than 100 days, please just follow your own pace…
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Burp Suite Certified Practitioner Exam Study
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, …
Bug Bounty ~ Awesomes | Books | Cheatsheets | Checklists | Tools | Wordlists | More