yehgdotnet

data-payloads

Some useful test data or payloads

attack

Utilities/scripts/files to assist emulation of MITRE ATT&CK / PRE-ATT&CK prepared by Myo Soe

archived

archived-joomla-cms-sources

archived Joomla cms sources for those who might find them useful for historical reasons

ASVS

Application Security Verification Standard

commonspeak

Content discovery wordlists generated using BigQuery

frogy

My subdomain enumeration script. It's unique in the way it is built upon.

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

http-request-smuggling

HTTP Request Smuggling Detection Tool

One-Lin3r

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

clean-architecture-demo

A sample app for my presentation on Clean Architecture: Patterns, Practices, and Principles

CVE-2021-40444

CVE-2021-40444 PoC

docker_fetch

Data extraction tool for Docker Registry API

ds-store-reader

.DS_Store Reader

fixed-old-exploits

.

Font-Awesome

The iconic SVG, font, and CSS toolkit

golang-expense-analyzer

Tune according to your needs

katacoda-scenarios

Katacoda Scenarios

missing-gvm-scripts

Missing gvm cli scripts

openresty-1.15.8.1

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PEASS-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

static-binaries

Various *nix tools built as statically-linked binaries

su-bruteforce

test1

tmp

trike

A threat modeling tool that implements the Trike v2 methodology in Smalltalk

wordlistbackups

wordlists

Mirror of known wordlists

www-project-web-security-testing-guide

The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.