850 Open source projects that are alternatives of or similar to Howtohunt

Code, exercises and tutorials of my personal blog ! 📝

Vulnerability Database | huntr.dev

ES File Explorer Open Port Vulnerability - CVE-2019-6447

This repository holds the content submitted to https://cloud.google.com/community. Files added to the tutorials/ directory will appear at https://cloud.google.com/community/tutorials.

Powerfull XSS Scanning and Parameter analysis tool&gem

Advanced vulnerability scanning with Nmap NSE

🔪Browser logic vulnerabilities ☠️

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）

CatBoost tutorials repository

a Slack bot that kicks asses (roundhouse-kicks to be accurate...)

Making Favicon.ico based Recon Great again !

A Python3 based single-file subdomain enumerator

🌈 原创&翻译 🌈

📖 Community driven web development tutorials

Automated Red Team Infrastructure deployement using Docker

Random Tools for Bug Bounty

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

A laboratory for learning secure web and mobile development in a practical manner.

✨ Purpose only! The dangers of Bluetooth Low Energy（BLE）implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth LE stacks.

OPCDE Cybersecurity Conference Materials

🔺 Red Team Hardware Toolkit 🔺

Auto Scanning to SSL Vulnerability

A simple way to show the user interface tutorials

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Running Kubernetes in production

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

挖掘国内外漏洞平台必备的自动化捡钱赏金技巧，看了并去做了捡钱如喝水。

A series of tutorials about radare2 framework from https://www.megabeets.net

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Proofs-of-concept

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Top disclosed reports from HackerOne

Kotlin 官方文档（参考部分）中文版

A curated list of awesome express.js resources

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Reverse Engineering Tutorials

Source code for the ElementsProject.org website

🐬 A comprehensive tutorial on getting started with Docker!

Git Cheats - Interactive Cheatsheet For Git Commands

Intelligence tool but without API key

Tutorials for Pyramid

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Universal Javascript sample application with React Router 4 and Express 5 (Enhanced version of https://github.com/lmammino/judo-heroes)

Some simple vulkan examples.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

Cross-site scripting labs for web application security enthusiasts

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555

Generates combination of domain names from the provided input.

Wiki related to the Pharo programming language and environment.

📙 HOTTBOX: Higher Order Tensors ToolBOX. Tutorials

Potentially dangerous files

A tool for testing subdomain takeover possibilities at a mass scale.

Dump exposed HTTP .git fast

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

Source for the OpenCV with Java tutorials

🥇掘金翻译计划，可能是世界最大最好的英译中技术社区，最懂读者和译者的翻译平台：