Techbrunch

billing-hack

This application allows to impersonate the Google Play Billing service (com.android.vending).

patt-mkdocs

PayloadAllTheThings as a website using mkdocs

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

jwt_secrets

A list of "secrets" from JWT sample code and readme files.

adminjs

AdminJS is an admin panel for apps written in node.js

aws-eks-best-practices

A best practices guide for day 2 operations, including operational excellence, security, reliability, performance efficiency, and cost optimization.

axiom

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

commonspeak2

Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists

ctf-secret

A small challenge

CVE-2015-1397

docs

The Rocket.Chat server, desktop, mobile, user, admin & developer documentation.

hackingthe.cloud

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

har-sanitizer

homebrew-core

🍻 Default formulae for the missing package manager for macOS

lazagne

macOS-enterprise-privileges

For Mac users in an Enterprise environment, this app gives the User control over administration of their machine by elevating their level of access to Administrator privileges on macOS. Users can set the time frame using Preferences to perform specific tasks such as install or remove an application.

nuclei-templates

Template files for the nuclei scanner

OAUTHScan

Burp Suite Extension useful to verify OAUTHv2 and OpenID security

objection

📱 objection - runtime mobile exploration

open-cvdb

An open project to list all publicly known cloud vulnerabilities and CSP security issues

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

rails

Ruby on Rails

railsgoat

A vulnerable version of Rails that follows the OWASP Top 10

ScoutSuite

Multi-Cloud Security Auditing Tool

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

security-advisories

A database of PHP security advisories

soowned

springfox

Automated JSON API documentation for API's built with Spring

techbrunch-website

valetudo-helper-miioota

Install rooted firmwares via miio local OTA