Jay Sharma's repositories
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
AndroidSecNotes
An actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentesters, reverse engineer, and redteamers.
Autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
Awesome-Azure-Pentest
A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
azureOutlookC2
Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.
CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
crlfuzz
A fast tool to scan CRLF vulnerability written in Go
cs-challenge
Detectify Crowdsource Challenge
CVE-2021-40444
CVE-2021-40444 PoC
FuzzingTool
Software for fuzzing, used on web application pentestings.
h2csmuggler
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
HowToHunt
Tutorials and Things to Do while Hunting Vulnerability.
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
OSCP-Exam-Report-Template-Markdown
:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
Penetration_Testing_POC
有关渗透测试的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
pwn_jenkins
Notes about attacking Jenkins servers
PwnXSS
PwnXSS: Vulnerability (XSS) scanner exploit
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
security_resources
Collection of online security resources
Top10
Official OWASP Top 10 Document Repository
wfuzz
Web application fuzzer