Tanmay Bhattacharjee's repositories
Amass
In-depth Attack Surface Mapping and Asset Discovery
awesome-bugbounty-builder
Awesome Bug bounty builder Project
awesome-oneliner-bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.
bruteforce-lists
Some files for bruteforcing certain things.
bug-bounty-dorks
List of Google Dorks for sites that have responsible disclosure program & bug bounty program
bugbounty
Bugbounty Resources
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
cloud-security-remediation-guides
Security Remediation Guides
Cut-The-Funds-NodeJS
2018 - Vulnerable App for Demos/Training and Workshops
cwe-tool
A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
django
The Web framework for perfectionists with deadlines.
dvpwa
Damn Vulnerable Python Web App
httpd
Mirror of Apache HTTP Server. Issues: http://issues.apache.org
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
nginx
An official read-only mirror of http://hg.nginx.org/nginx/ which is updated hourly. Pull requests on GitHub cannot be accepted and will be automatically closed. The proper way to submit changes to nginx is via the nginx development mailing list, see http://nginx.org/en/docs/contributing_changes.html
nodejs-goof
Super vulnerable todo list application
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Nuclei-Templates-Collection
Nuclei Templates Collection
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
pygoat
intentionally vuln web Application Security in django
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
SecureTea-Project
The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)
SecurityShepherd
Web and mobile application security training platform
spiffe
The SPIFFE Project
threat-dragon
An open source, online threat modeling tool from OWASP
Top10
Official OWASP Top 10 Document Repository
web-pentesting-checklist
checklist for testing the web applications
webapp-wordlists
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
WebGoat
WebGoat is a deliberately insecure application