A list of useful payloads and bypass for Web Application Security and Pentest/CTF

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

A black hole for Internet advertisements

Based on a true story

Independent technology for modern publishing, memberships, subscriptions and newsletters.

Automatic SQL injection and database takeover tool

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Comfortably monitor your Internet traffic 🕵️‍♂️

An evolving how-to guide for securing a Linux server.

🕵️‍♂️ Offensive Google framework.

The Rogue Access Point Framework

Information gathering framework for phone numbers

A simple, easy to use PowerShell script to remove pre-installed apps from Windows, disable telemetry, remove Bing from Windows search as well as perform various other changes to declutter and impro…

Web path scanner

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

🐶 A curated list of Web Security materials and resources.

fsociety Hacking Tools Pack – A Penetration Testing Framework

Android in docker solution with noVNC supported and video recording

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

A swiss army knife for pentesting networks

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Below are some simple methods for exiting vim.

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

This is a multi-use bash script for Linux systems to audit wireless networks.

🔍 Google from the terminal

An HTTP toolkit for security research.

A fast, simple, recursive content discovery tool written in Rust.

A list of interesting payloads, tips and tricks for bug bounty hunters.

All about bug bounty (bypasses, payloads, and etc)