m0hs1ne

apk-mitm

🤖 A CLI application that automatically prepares Android APK files for HTTPS inspection

security-study-plan

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

nuclei-wordfence-cve

The EXCLUSIVE Collection of 40,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.

Hacking-APIs

PurpleLab

PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection rules, simulate logs, and undertake various security tasks, all accessible through a user-friendly web interface

ReconAIzer

A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!

awesome-cicd-security

:books: A curated list of awesome CI CD security resources

OneDorkForAll

An insane list of all dorks taken from everywhere from various different sources.

Dorks-collections-list

List of Github repositories and articles with list of dorks for different search engines

NucleiScanner

NucleiScanner is a Powerful Automation tool for detecting Unknown Vulnerabilities in the Web Applications

DOMPurify

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

waltuhium

Fully Undetected Grabber (Grabs Wallets, Passwords, Cookies, Modifies Discord Client Etc.) Disclaimer: We are not responsible for any damages this software may cause after being acquired. This software was made for personal education and sandbox testing.

RegHex

A collection of regexes for every possbile use

AssetViz

AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration testers and bug bounty hunters conducting reconnaissance, AssetViz provides intuitive insights into domain structures for informed decision-making.

fuxploider

File upload vulnerability scanner and exploitation tool.

subfalcon

subfalcon is a subdomain enumeration tool that allows you to discover and monitor subdomains for a given list of domains. It fetches subdomains from various sources [crtsh, hackertargetapi, anubis, alienvault, rappiddns, urlscan ] , saves them to a SQLite database, and can notify updates via Discord.

InternalAllTheThings

Active Directory and Internal Pentest Cheatsheets

jsluicepp

jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice

SploitScan

SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.

Atlas

Quick SQLMap Tamper Suggester

BurpSuite-For-Pentester

This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 solely and completely with "BurpSuite".

afrog

A Security Tool for Bug Bounty, Pentest and Red Teaming.

cvemap

Navigate the CVE jungle with ease.

HowToHunt

Collection of methodology and test case for various web vulnerabilities.

BugBible

copilot-gpt4-service

Convert Github Copilot to ChatGPT

QuickXSS

Automating XSS using Bash

BypassAV

This map lists the essential techniques to bypass anti-virus and EDR

SSH-Snake

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

secbutler

The perfect butler for pentesters, bug-bounty hunters and security researchers