susantaroy2002

assetfinder

Find domains and subdomains related to a given domain

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

CloudPentestCheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

the-book-of-secret-knowledge

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

Amass

In-depth Attack Surface Mapping and Asset Discovery

apkurlgrep

Extract endpoints from APK files

autoSource

Automated SonarQube

awesome-bug-bounty

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

Awesome-Bugbounty-Writeups

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

awesome-docker-security

📚 A curated list of awesome Docker security resources

BugBountyTools

Tools that i personally use for Bug Bounty Hunting and web assessments.

CISM_Bootcamp

CISSP_Bootcamp

ctf-notes

dirty_sock

Ubuntu Linux privilege escalation exploit (CVE-2019-7304)

gr-lora

GNU Radio blocks for receiving LoRa modulated radio messages using SDR

GRFICS

Graphical Realism Framework for Industrial Control Simulations

httprobe

Take a list of domains and probe for working HTTP and HTTPS servers

instainsane

Multi-threaded Instagram Brute Forcer (100 attemps at once)

IPRotate_Burp_Extension

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

nats-general

General NATS Information

nodebestpractices

The largest Node.js best practices list (February 2019)

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Paper

Web Security Technology & Vulnerability Analysis Whitepapers

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

tbhm

The Bug Hunters Methodology

Vulnhub-CTF-Writeups

This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.

whatsapp-web-clone

Clone of Whatsapp Web's current UI.