Mentsh

assessment-mindset

Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.

penetration-testing-cheat-sheet

Starting Point

Pentesters-Mindmap

Pentesters Mindmap of tasks

API-Security-Checklist

Checklist of the most important security countermeasures when designing, testing, and releasing your API

awesome-bug-bounty

awesome-security

A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.

AwesomeXSS

Awesome XSS stuff

Blazy

Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .

bugcrowd-levelup-subdomain-enumeration

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

bypass-403

Curl script for 403 attempted bypass

CheatSheetSeries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

cloudflare_enum

Cloudflare DNS Enumeration Tool for Pentesters

Down-The-Rabbit-Hole

Blue Team Operations

fuzz-lightyear

A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos engineering testing and stateful, Swagger fuzzing.

github-dorks

Collection of github dorks and helper tool to automate the process of checking dorks

Gray-Hacker-Resources

👾Useful for CTFs, wargames, pentesting. For fun or profit. 👾

hakrevdns

Small, fast tool for performing reverse DNS lookups en masse.

Interlace

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

ios-penetration-testing-cheat-sheet

Work in progress...

knock

Knock Subdomain Scan

LazyRecon

An automated approach to performing recon for bug bounty hunting and penetration testing.

Markdown-XSS-Payloads

XSS payloads for exploiting Markdown syntax

MobileHackingCheatSheet

Basics on commands/tools/info on how to assess the security of mobile applications

mrr3boot.github.io

Quick Repo for any Bug Hunter

Offensive-Security-Cheatsheets

Offensive Security / Pentesting Cheat Sheets

OSINT-Framework

OSINT Framework

pentest-wiki

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

Scanners-Box

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

the-book-of-secret-knowledge

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

wifi-penetration-testing-cheat-sheet

Work in progress...