Ferry's repositories
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
awesome-google-vrp-writeups
🐛 A list of writeups from the Google VRP Bug Bounty program
bugbounty
Bugbounty Resources
clairvoyance
Obtain GraphQL API schema despite disabled introspection!
CVE-2022-24992
CVE-2022–24992
forbidden
Bypass 4xx HTTP response status codes. Based on PycURL.
js2wordlist
Simple python script to create wordlist from .js file
nucleimass
Simple bash script to automate mass subdomain nuclei scanning with Notification
useful-bash-one-line-scripts
This repo contains all of my useful one line bash scripts, It's would be great if you want to add some line to repo ;)
webappvuln
Best Resources to learning about Common Web Application Vulnerabilities
beyond-xss
Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security
bugbountytips
always updating
Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Gf-Patterns
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
go-json-unmarshal-playground
Playing with Go umarshalling JSON
inventory
Asset inventory on public bug bounty programs.
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
LibreOffice_Tips_Bug_Bounty
Some tips for Bug Bounty using LibreOffice
n0lsecurity
Config files for my GitHub profile.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
reconer
Reconer - Simple RECON bash script
S3Scanner
Scan for open S3 buckets and dump the contents
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
ysoserial.net
Deserialization payload generator for a variety of .NET formatters