chr0ll0's repositories
Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
AFL
american fuzzy lop - a security-oriented fuzzer
ATP-PowerShell-Scripts
Microsoft Signed PowerShell scripts
awesome-android-security
A curated list of Android Security materials and resources For Pentesters and Bug Hunters
Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
awesome-privilege-escalation
A curated list of awesome privilege escalation
Awesome-WAF
🔥 Everything awesome about web-application firewalls (WAF).
Bug-bounty
Ressources for bug bounty hunting
Collabfiltrator
Exfiltrate blind remote code execution output over DNS via Burp Collaborator.
cvelist
Pilot program for CVE submission through GitHub
fahmifj.github.io
Personal blog
find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Free-WebSec-Class
Course materials for LOL's Free Web Security Class
HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
hacks
A collection of hacks and one-off scripts
HTB
HackTheBox
MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
osintgpt
An open-source intelligence (OSINT) analysis tool leveraging GPT-powered embeddings and vector search engines for efficient data processing
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
privilege-escalation-awesome-scripts-suite
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
pwn_jenkins
Notes about attacking Jenkins servers
PwnXSS
PwnXSS: Vulnerability (XSS) scanner exploit
secDevLabs
A laboratory for learning secure web development in a practical manner.
the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
top10webseclist
Top Ten Web Hacking Techniques List