A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

A place where I can create, collect and share tooling, resources and knowledge about information security.

Automated Security Testing For REST API's

Wireshark Cheat Sheet

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

A repository of tools for pentesting of restricted and isolated environments.

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Audit tool to find common vulnerabilities in PHP source code

Automated NoSQL database enumeration and web application exploitation tool.

Python script wrote to automate the process of generating various reverse shells.

Don't let buffer overflows overflow your mind

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.

Study Notes For Web Hacking / Web安全学习笔记

A penetration testing tool for finding file upload bugs (NDSS 2020)

A tool to test security of json web token

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

Domain name permutation engine written in Go

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.