bbhunter

h1domains

HackerOne "in scope" domains for all your fuzzing needs

unblob

Extract files from any kind of container formats

Archive

Hacking Methodology, Cheatsheats, Conceptual-Breakdowns

dnsrecon

DNS Enumeration Script

Fresh-Resolvers

List of Hourly Updated Fresh DNS resolvers

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

RustScan

Faster Nmap Scanning with Rust

secfiles

My files for security assessments, bug bounty and more

Web-Attack-Cheat-Sheet

Web Attack Cheat Sheet

cdn

Compiles a list of major CDN and WAF subnets.

changedetection.io

changedetection.io - The best and simplest self-hosted free open source website change detection tracking, monitoring and notification service. An alternative to Visualping, Watchtower etc. Designed for simplicity - the main goal is to simply monitor which websites had a text change for free. Free Open source web page change detection

developer-roadmap

Roadmap to becoming a web developer in 2021

fresh-dns-servers

Fresh DNS servers

getting-started-in-infosec

A noob friendly guide for juniors starting off in infosec. Pull requests welcome!

go-ethereum

Official Go implementation of the Ethereum protocol

impacket

Impacket is a collection of Python classes for working with network protocols.

jsql-injection

jSQL Injection is a Java application for automatic SQL database injection.

ninjasworkout

Vulnerable NodeJS Web Application

noseyparker

Nosey Parker is a command-line program that finds secrets and sensitive information in textual data.

ostorlab

Ostorlab is security scanning platform that enables running complex security scanning tasks involving multiple tools in an easy, scalable and distributed way.

PoC_CVEs

PoC_CVEs

pwnedhub

resolvers

List of periodically validated public DNS resolvers

resolvers-1

The most exhaustive list of reliable DNS resolvers.

retire.js

scanner detecting the use of JavaScript libraries with known vulnerabilities

RsaCtfTool

RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

sippts

Set of tools to audit SIP based VoIP Systems

Writeups-2

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

zgrab2

ZGrab 2.0 Framework