Pramod Yadav's repositories
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
airixss
Finding XSS during recon
Auto-GPT
An experimental open-source attempt to make GPT-4 fully autonomous.
Awesome-CloudSec-Labs
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
BLACKHAT_USA2022
BLACKHAT USA2022 PDF Public
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Conferences
Conference slides
crlfuzz
A fast tool to scan CRLF vulnerability written in Go
Cybersecurity-Resources
A Library of various cybersecurity resources
fimap
fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.
ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
gs-securing-web
Securing a Web Application :: Learn how to protect your web application with Spring Security.
Hacker-Trends
Trends Website (URL) from Twitter hackers.
HowToHunt
Tutorials and Things to Do while Hunting Vulnerability.
KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
match-replace-burp
Useful Match and Replace BurpSuite Rules
Mind-Maps
Mind-Maps of Several Things
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
nuclei-docs
Nuclei documentation
openzeppelin-contracts
OpenZeppelin Contracts is a library for secure smart contract development.
owasp-mstg
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
public-bugbounty-programs
Community curated list of public bug bounty and responsible disclosure programs.
RedTeam_BlueTeam_HW
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
repo_hunter
This small script can download or update all the GitHub repo of your choice.
spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
wordlists
Real-world infosec wordlists, updated regularly
XSS-Payloads
List of XSS Vectors/Payloads