MrFluidHead

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

ghidra

Ghidra is a software reverse engineering (SRE) framework

amass

In-depth attack surface mapping and asset discovery

awesome-malware-analysis

Defund the Police.

90DaysOfCyberSecurity

This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, covering topics such as Network+, Security+, Linux, Python, Traffic Analysis, Git, ELK, AWS, Azure, and Hacking. The repository also includes a `LEARN.md

reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

cameradar

Cameradar hacks its way into RTSP videosurveillance cameras

discover

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

ghauri

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

octosuite

GitHub Data Analysis Framework.

sparta

Network Infrastructure Penetration Testing Tool

Galaxy-Bugbounty-Checklist

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Guide-CEH-Practical-Master

OSCP-Cheatsheet

OSCP Cheatsheet by Sai Sathvik

python-for-OSINT-21-days

In this repository you will find sample code files for each day of the course "Python for OSINT. A 21-day course for beginners".

Penetration-List

Penetration-List: A comprehensive resource for testers, covering all types of vulnerabilities and materials used in Penetration Testing. Includes payloads, dorks, fuzzing materials, and offers in-depth theory sections. Visit our Medium profile for more information.

dark-web-osint-tools

OSINT Tools for the Dark Web

Red-Team-Management

awesome-soc-analyst

Useful resources for SOC Analyst and SOC Analyst candidates.

Social-Media-OSINT

Social Media OSINT collection containing - tools, techniques & tradecraft.

cerbrutus

Network brute force tool, written in Python. Faster than other existing solutions (including the main leader in the network brute force market).

Bug-Bounty

Bug Bounty ~ Awesomes | Books | Cheatsheets | Checklists | Tools | Wordlists | More

autossrf

Smart context-based SSRF vulnerability scanner.

OSCP

#cheat sheet for OSCP

XnlReveal

A Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements.

autorize

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

DeHashed-API-Tool

A command-line tool to query the DeHashed API. Easily search for various parameters like usernames, emails, hashed passwords, IP addresses, and more.

Linux-Privilege-Escalation-Notes

My Linux Privilege Escalation notes which is part of my OSCP Preperation

Windows-Privilege-Escalation-Notes

My handbook for Windows Privilege Escalation concepts. Do Check out my Playlist, link: https://www.youtube.com/playlist?list=PLlrnAg4kKF3puXLI0JyltbNJOC2R2HVFk

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.