$root: Whoami's repositories
bb-tips-tricks
Just Some Tips & Tricks for BB found on the Internet :D
easy-linux-pwn
A set of Linux binary exploitation tasks for beginners
aemscan
Adobe Experience Manager Vulnerability Scanner
android-vuln
安卓内核漏洞分析
Atlas
Quick SQLMap Tamper Suggester
awesome-oscp
A curated list of awesome OSCP resources
binary-exploitation-intro
A gentle introduction to binary exploitation
cryptocoding
Guidelines for low-level cryptography software
CTF-Heaven
💻 CTF Heaven
EVABS
An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners. The effort is to introduce beginners with very limited or zero knowledge to some of the major and commonly found real-world based Android application vulnerabilities in a story-based, interactive model. EVABS follows a level-wise difficulty approach and in each level, the player learns a new concept. This project is still under progress and aims at incorporating as many levels as possible.
FBUnpinner
A script to remove SSL Pinning from Facebook Android apps
FuzzingPaper
Recent Fuzzing Paper
iOS-1
Most usable tools for iOS penetration testing
Keye
Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a list of urls, it will make a request to these urls and it will try to detect changes on these urls based on their Content-Length.
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
LinkedInt
LinkedInt: A LinkedIn scraper for reconnaissance during adversary simulation
NaughtyStrings
Provides a strong typed .NET API for the Big List of Naughty Strings https://github.com/minimaxir/big-list-of-naughty-strings
poc-graphql
Research on GraphQL from an AppSec point of view.
pocorgtfo
a "PoC or GTFO" mirror with extra article index, direct links and clean PDFs.
RE-iOS-Apps
A completely free, open source and online course about Reverse Engineering iOS Applications.
Spring-Boot-Actuator-Exploit
Spring Boot Actuator (jolokia) XXE/RCE
VulnCases
Oh it's just a bunch of vulns for references.
w12scan
🚀 A simple asset discovery engine for cybersecurity. (网络资产发现引擎)
w12scan-client
网络资产搜索发现引擎,w12scan 扫描端程序
web-cve-tests
A simple framework for sending test payloads for known web CVEs.
WebFuzzAttack
web模糊测试 - 将漏洞可能性放大
XSS-Payloads
List of XSS Vectors/Payloads