This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

this nuclei template finds back up files

how to look for Leaked Credentials !

A Security Tool for Bug Bounty, Pentest and Red Teaming.

The repo contains all the the notes, slides, and study material for my workshop at DEFCON 32 at the Bug Bounty Village

A curated list of amazingly awesome Burp Extensions

Using Windows' own bootloader as a shim to bypass Secure Boot

Useful "Match and Replace" burpsuite rules

WPS 0day.hen the wps software is running, an api interface with port 4709 will be opened. An attacker can request this interface to execute commands.

Shoggoth: Asmjit Based Polymorphic Encryptor

Real-time, container-based file scanning at enterprise scale

Android security insights in full spectrum.

Customizable Linux Persistence Tool for Security Research and Detection Engineering.

Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability remotely

Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls

A red team tool that assists into extracting/dumping master credentials and/or entries from different password managers.

一款高效的 Socks5 代理采集与使用工具

Nameless C2 - A C2 with all its components written in Rust

Powerful Tool For Grab Front Camera Snap Using A Link

Berty is a secure peer-to-peer messaging app that works with or without internet access, cellular data or trust in the network

A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.

Social engineering tool [Access Webcam & Microphone & Location Finder] With {Py,JS,PHP}

🕸️ Crawl in the web network

A complete security assessment tool that supports common web security issues scanning and custom POC | Be sure to read the document before using.

C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.

An step by step fuzzing tutorial. A GitHub Security Lab initiative

A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementing page protection changes during no execution.

📱 objection - runtime mobile exploration

A tool for quickly evaluating IAM permissions in AWS.