MOSA101

Bypass-WAF-SQLMAP

Bypass WAF SQL Injection SQLMAP

ADLabsReview

Active Directory Labs/exams Review

WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956

WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries

CCTV

Close-Circuit Telegram Vision revolutionizes location tracking with its open-source design and Telegram API integration. Offering precise tracking within 50-100 meters, users can monitor others in real-time for logistics or safety, redefining how we navigate our surroundings

bbot

A recursive internet scanner for hackers.

nomore403

Tool to bypass 403/40X response codes.

APKDeepLens

Android security insights in full spectrum.

sql-injection-payload-list

🎯 SQL Injection Payload List

OneForAll

OneForAll是一款功能强大的子域收集工具

AnonSMS

Anonymous SMS sending tool.

CloakQuest3r

Uncover the true IP address of websites safeguarded by Cloudflare & Others

Insecure-Firebase-Exploit

A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase db.

A-Red-Teamer-diaries

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

rce-finder

A tool to find good RCE

xray

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

learning-reverse-engineering

This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.

gitGraber

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

BucketHoarder

Crawlector

Crawlector is a threat hunting framework designed for scanning websites for malicious objects.

awesome-soc

A collection of sources of documentation, as well as field best practices, to build/run a SOC

phonetrack

What is Phone Track? So phonetrack is a type of OSINT that is used to track someone's location just based on their telephone number

RemoveAdblockThing

The intrusive "Ad blocker are not allowed on YouTube" message is annoying. This open-source project aims to address this issue by providing a solution to bypass YouTube's ad blocker detection

top25-parameter

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Awesome-RCE-techniques

Awesome list of step by step techniques to achieve Remote Code Execution on various apps!

JSONBee

A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.

BloodHound

Six Degrees of Domain Admin

how-to-bypass-aslr-on-linux-x86_64

ASLR bypass without infoleak

Arjun

HTTP parameter discovery suite.

GAP-Burp-Extension

Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist

Priv8-Nuclei-Templates

My Priv8 Nuclei Templates