BugHunter ID

HackerOneDB

The unofficial HackerOne disclosure Timeline

BugHunterID

Para pencari bug / celah kemanan bisa bergabung.

hacker-roadmap

:pushpin: A guide for amateurs pen testers and a collection of hacking tools, resources and references to practice ethical hacking, pen testing and web security.

A-Good-Cyber-Security-List

opspack

Opspack (Open Source Security Package) is a simple package manager for bug bounty/offensive. Using command line interface that can be used to install,update and upgrade tools easily with lots of open source repositories on Github.

bugbounty-cheatsheet

A list of interesting payloads, tips and tricks for bug bounty hunters.

PENTOL

PENTOL - Pentester Toolkit for Fiddler2

bugcrowd_university

Open source education content for the researcher community

massc

Subdomain Scanner Tools with word-lists

Recsech

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Adhrit

Adhrit is an open source Android APK reversing and analysis tool that can help security researchers and CTF enthusiasts alike. The tool is an effort to cut down on the amount of time spent on reversing and basic reconnaissance of Android applications.

pentest-guide

Penetration tests cases, resources and guidelines.

Amass

In-depth DNS Enumeration and Network Mapping

aquatone

A Tool for Domain Flyovers

awesome-osint

:scream: A curated list of amazingly awesome OSINT

awesome-pentest

A collection of awesome penetration testing resources, tools and other shiny things

awesome-web-pentest

Awesome web penetration testing

AwesomeXSS

Awesome XSS stuff

Bashter

Web Crawler, Scanner, and Analyzer Framework (Shell-Script based)

can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

CloudScraper

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

Command-Mobile-Penetration-Testing-Cheatsheet

Mobile penetration testing android command cheatsheet

gobuster

Directory/file & DNS busting tool written in Go

knock

Knock Subdomain Scan

owasp-mstg

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering.

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Photon

Incredibly fast crawler designed for OSINT.

ReconDog

Reconnaissance Swiss Army Knife

shodan-python

The official Python library for Shodan

XSStrike

Most advanced XSS detection suite.