PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+3120.06%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (-58.81%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+156.07%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+28.77%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (-71.23%)
maalikFeature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (-92.66%)
BugHunterNo description or website provided.
Stars: ✭ 23 (-97.75%)
CNN Own DatasetCNN example for training your own datasets.
Stars: ✭ 25 (-97.55%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-98.63%)
xss-chefA web application for generating custom XSS payloads
Stars: ✭ 70 (-93.15%)
SQL-XSSA few SQL and XSS attack tools
Stars: ✭ 29 (-97.16%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+187.87%)
BugHunterIDPara pencari bug / celah kemanan bisa bergabung.
Stars: ✭ 72 (-92.95%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (-83.66%)
linklink is a command and control framework written in rust
Stars: ✭ 345 (-66.24%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-96.28%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-94.03%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-91.78%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-69.67%)
BxssbXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (-67.61%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (-4.6%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (-54.7%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-61.94%)
Csp BuilderBuild Content-Security-Policy headers from a JSON file (or build them programmatically)
Stars: ✭ 496 (-51.47%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (-4.7%)
Tic TacClient not paid ? This is the solution of your problem
Stars: ✭ 29 (-97.16%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (-88.36%)
DM-BOT📧 DM-BOT is discord bot that can record direct messages. One of us! You can also reply to those messages! DM-BOT is easy to use & understand! I decided to use Discord.js, it's literally the best.
Stars: ✭ 31 (-96.97%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (-69.18%)
hinjectHost Header Injection Checker
Stars: ✭ 64 (-93.74%)
VulWebajuVulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.
Stars: ✭ 53 (-94.81%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (-87.57%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-95.79%)
AlertBarAn easy alert on status bar
Stars: ✭ 64 (-93.74%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-96.58%)
EagleMultithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (-91.68%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (-13.21%)
PandorasBoxSecurity tool to quickly audit Public Box files and folders.
Stars: ✭ 56 (-94.52%)
Django Admin EasyCollection of admin fields and decorators to help to create computed or custom fields more friendly and easy way
Stars: ✭ 265 (-74.07%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-95.6%)
Easy.commonA set of useful utilities and helpers used across Easy.* projects.
Stars: ✭ 306 (-70.06%)
AwesomexssAwesome XSS stuff
Stars: ✭ 3,664 (+258.51%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (-70.94%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-58.22%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+231.8%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+609%)
BrutalPayload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
Stars: ✭ 678 (-33.66%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (-25.83%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (-25.64%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (-22.6%)
TokenBreakerJSON RSA to HMAC and None Algorithm Vulnerability POC
Stars: ✭ 51 (-95.01%)