OffXec's repositories
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
awesome-burp-extensions
A curated list of amazingly awesome Burp Extensions
owasp-mstg
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering.
android-security-awesome
A collection of android security related resources
assetfinder
Find domains and subdomains related to a given domain
awesome-bbht
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain. Feel free to fork, and add your own tools.
bug-bounty-dorks
List of Google Dorks for sites that have responsible disclosure program / bug bounty program
hack-your-university
A list of universities with vulnerability disclosure policies
RubyByExample
Ruby by example. Short, sweet & simple.
selenium-ide
Open Source record and playback test automation for the web.
top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
aquaHelper
Work in Progress.
Arjun
HTTP parameter discovery suite.
awesome-termux-hacking
⚡️An awesome list of the best Termux hacking tools
bugcrowd_university
Open source education content for the researcher community
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
nuclei
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.