Dipak Kumar Das's repositories
1earn
个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
mySapAdventures
A quick methodology on testing / hacking SAP Applications for n00bz and bug bounty hunters
reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
SubWalker
Bash recon script to simultaneously execute various subdomain enumeration tools and parse results.
h8mail
Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
AllVideoPocsFromHackerOne
This script grab public report from hacker one and make some folders with poc videos
Insecure-Firebase-Exploit
A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase db.
postgres-baseline
DevSec PostgreSQL Baseline - InSpec Profile
AllAboutBugBounty
All about bug websites (bypasses, payloads, and etc)
DNSGrep
Quickly Search Large DNS Datasets
how-to-secure-anything
How to systematically secure anything: a repository about security engineering
wordlists-1
Automated & Manual Wordlists provided by Assetnote
attack-coverage
an excel-centric approach for the MITRE ATT&CK® Tactics and Techniques
feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
burpdeveltraining
Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
XXE-study
This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF rules / Secure Configuration settings.
grep-pattern
collection of various grep patterns collected from tomnomnom/gf and other places
30-Days-Of-JavaScript
30 days of JavaScript programming challenge is a step by step guide to learn JavaScript programming language in 30 days
client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
chaos-hunt
Bash Script to Hunt all the targets/Subdomains from Chaos by Project Discovery Team
web-methodology
Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
continuous-nuclei
Running nuclei Continuously
CloudBrute
Awesome cloud enumerator
bounty-targets-alert
It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.