Nguyễn Huỳnh Long's repositories
hackthebox-writeups
Writeups for HacktheBox 'boot2root' machines
pentest-guide
Penetration tests guide based on OWASP including test cases, resources and examples.
security-tools
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Red-Teaming-Toolkit
A collection of open source and commercial tools that aid in red team operations.
awesome-api-security
A collection of awesome API Security tools and resources.
Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
discover
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
DVWA
Damn Vulnerable Web Application (DVWA)
gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
jwt-webtool
Source code repo for the online JWT webtool.
Lockdoor-Framework
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
mojoportal
mojoPortal is an extensible, cross database, mobile friendly, web content management system (CMS) and web application framework written in C# ASP.NET.
nahamsec.training
The labs for my Udemy course (https://www.udemy.com/course/intro-to-bug-bounty-by-nahamsec)
PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
presto
The official home of the Presto distributed SQL query engine for big data
python-docs-hello-world
A simple python application for docs
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
webshell
This is a webshell open source project
wp-backdoor
Many times I have asked myself how to maintain access to a compromised WordPress site for the sake of surveillance/data gathering/etc... Apart from reverse shells, of course, because I see some issues with the reverse shells stuff. That's why I posted this WordPress Backdoor.