aasicq

30-Days-Of-JavaScript

30 days of JavaScript programming challenge is a step by step guide to learn JavaScript programming language in 30 days. This challenge may take up to 100 days, follow your own pace.

aasicq.github.io

awesome-aws-security

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

awesome-cloud-security

🛡️ Awesome Cloud Security Resources ⚔️

cname

CNAME records lookup

Damn-Vulnerable-GraphQL-Application

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Django-Twitter-Clone

A fully functional Twitter Clone builded with Django.

duplicut

Remove duplicates from MASSIVE wordlist, without sorting it (for dictionnary-based password cracking)

gitGraber

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

github-search

Tools to perform basic search on GitHub.

Hacking-Security-Ebooks

Top 100 Hacking & Security E-Books (Free Download)

HolyTips

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

HowToHunt

Tutorials and Things to Do while Hunting Vulnerability.

JSFScan.sh

Automation for javascript recon in bug bounty.

just_test

Keye

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

keywords

learning-area

Github repo for the MDN Learning Area.

pathbrute

Pathbrute

pentest-tools

Custom pentesting tools

prowler

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

puredns

puredns is a subdomain bruteforcing tool that improves massdns to accurately handle wildcard subdomains and DNS poisoning. Easy to use and to integrate into workflows, it ensures the results obtained by public resolvers are clean.

scripthunter

Tool to find JavaScript files on Websites

sd-goo

Enumerate Subdomains Through Google Dorks

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

simple_django_bookkeeping_app

SSRF_Vulnerable_Lab

This Lab contain the sample codes which are vulnerable Server-Side Request Forgery attack

SubEnum

bash script for Subdomain Enumeration

untrusted-types

x8

Hidden parameters discovery suite