Awesome Bugbounty WriteupsA curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Stars: ✭ 2,429 (-18.93%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (-59.61%)
gradejsGradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (-87.92%)
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (-94.89%)
hack-pet🐰 Managing command snippets for hackers/bug bounty hunters. with pet.
Stars: ✭ 77 (-97.43%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (-70.39%)
cf-checkCloudFlare Checker written in Go
Stars: ✭ 147 (-95.09%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-98.97%)
WDIRGood resources about web security that I have read.
Stars: ✭ 14 (-99.53%)
DeadDNSDNS hijacking via dead records automation tool
Stars: ✭ 44 (-98.53%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+998.43%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-99.2%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-97.2%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (-56.07%)
QmlIntroductions to key concepts in quantum machine learning, as well as tutorials and implementations from cutting-edge QML research.
Stars: ✭ 174 (-94.19%)
GuidesAn organized list of guides and tutorials for design, development, and system administration.
Stars: ✭ 166 (-94.46%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-94.56%)
GarudAn automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Stars: ✭ 183 (-93.89%)
Jwt Hack🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)
Stars: ✭ 172 (-94.26%)
Javascriptstuff DbLists of JavaScript resources: tools, tutorials, starter projects, example code, etc.
Stars: ✭ 163 (-94.56%)
VulnixVulnerability (CVE) scanner for Nix/NixOS.
Stars: ✭ 161 (-94.63%)
TuktukTool for catching and logging different types of requests.
Stars: ✭ 174 (-94.19%)
Bountystrike ShPoor (rich?) man's bug bounty pipeline
Stars: ✭ 168 (-94.39%)
Webgl Month🎓 Daily WebGL tutorials
Stars: ✭ 178 (-94.06%)
Js Vuln DbA collection of JavaScript engine CVEs with PoCs
Stars: ✭ 2,087 (-30.34%)
ExamplesJina examples and demos to help you get started
Stars: ✭ 185 (-93.83%)
BlogTechnical blog repo of metaflow
Stars: ✭ 165 (-94.49%)
XrcrossXRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Stars: ✭ 175 (-94.16%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (-23.06%)
Tutorials📖 Community driven web development tutorials
Stars: ✭ 189 (-93.69%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-94.59%)
Judo Heroes 2Universal Javascript sample application with React Router 4 and Express 5 (Enhanced version of https://github.com/lmammino/judo-heroes)
Stars: ✭ 182 (-93.93%)
Pharo WikiWiki related to the Pharo programming language and environment.
Stars: ✭ 161 (-94.63%)
Bids Starter KitCollection of tutorials, wikis, and templates to get you started with creating BIDS compliant datasets
Stars: ✭ 160 (-94.66%)
Jira ScanCVE-2017-9506 - SSRF
Stars: ✭ 159 (-94.69%)
3klconAutomation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
Stars: ✭ 189 (-93.69%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-93.93%)
GodnslogAn exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Stars: ✭ 172 (-94.26%)
Zeebsploitweb scanner - exploitation - information gathering
Stars: ✭ 159 (-94.69%)
Burp Retire JsBurp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
Stars: ✭ 157 (-94.76%)
Cve Check ToolOriginal Automated CVE Checking Tool
Stars: ✭ 172 (-94.26%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+308.74%)
Awesome Pytorch ListA comprehensive list of pytorch related content on github,such as different models,implementations,helper libraries,tutorials etc.
Stars: ✭ 12,475 (+316.39%)
DvhmaDamn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.
Stars: ✭ 180 (-93.99%)
Antlr Mega TutorialThis is the companion repository of the ANTLR Mega Tutorial, that will explain everything you need to know to use ANTLR.
Stars: ✭ 171 (-94.29%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-94.79%)
100 Days Of Ml CodeA day to day plan for this challenge. Covers both theoritical and practical aspects
Stars: ✭ 172 (-94.26%)
Di.we.hRepositório com conteúdo sobre web hacking em português
Stars: ✭ 156 (-94.79%)
MagevulndbList of Magento extensions with known security issues.
Stars: ✭ 152 (-94.93%)