ipentest

cors-exploit

HTML to exploit CORS misconfigurations

homebrewcasks

List of all homebrews for Kali

tools

This is a set of tools which I've used or collected for my pen testing

dns-cache-poisoning-poc

31-days-of-API-Security-Tips

This challenge is Inon Shkedy's 31 days API Security Tips.

31days

bbdorks

Added all Google dorks with which to search for bbs

bbt

Tweets with bug bounty tips

chooseani

Automating choosing the right animal C++

cors-poc

This is a poc for CORS

dencoder

zeit.co publish

elkstack

All details about how to install, deploy, test the ElasticSearch, LogStash, Kibana stack

entropytester

This tests entropy of your random typing

ezXSS

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

github-dorks-for-pentesting

As the name says

github-secrets

Python code to scan github secrets

hacking

All stuff about hacking

homeopathy

This is a collection of all the videos, documents and everything else that might help a practitioner

justindex

This is an index.html for redirection pocs

live-recon-with-nahamsec

This is the repo with all the points from various interviews

loginform

login form

mousemover

Mouse mover powershell script for those days

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

pgp

My PGP public key

recon

Recreating recon without all the fancy ++ stuff in filenames

resume

Adding my resume here

rfi-xss

This is a link to a js file to execute as rfi

SecLists

SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

swf_json_csrf

vercel-examples