Dhamu's starred repositories
PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
sql-injection-payload-list
🎯 SQL Injection Payload List
KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
Gf-Patterns
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
BugBountyToolkit
A multi-platform bug bounty toolkit that can be installed on Debian/Ubuntu or set up with Docker.
My-Shodan-Scripts
Collection of Scripts for shodan searching stuff.
breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
HITCON-Training
For Linux binary Exploitation
MSSQL_SQL_BYPASS_WIKI
MSSQL注入提权,bypass的一些总结
adconnectdump
Dump Azure AD Connect credentials for Azure AD and Active Directory
rfi-lfi-payload-list
🎯 RFI/LFI Payload List
AllThingsAndroid
A Collection of Android Pentest Learning Materials
WordList-Compendium
Personal compilation of wordlists & dictionaries for everything. Users, passwords, directories, files, vulnerabilities, fuzzing, injections, wordlists of tools, etc.
a-full-list-of-wordlists
this contain the burp pack
JavaPayload
JavaPayload is a collection of pure Java payloads to be used for post-exploitation from pure Java exploits or from common misconfigurations (like not password protected Tomcat manager or debugger port).
vulnoscollection
Vulnerable OS Collection is a collection of four Ubuntu based OSes containing real world vulnerable web applications.
phpunit-brute
Tool to try multiple paths for PHPunit RCE CVE-2017-9841
Scanners-Box
A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑