yield-c

Arjun

HTTP parameter discovery suite.

awesome-microservices

A curated list of Microservice Architecture related principles and technologies.

bug-bounty-reference

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

BurpKit

Next-gen BurpSuite penetration testing tool

Commodity-Injection-Signatures

Scraped fresh from the Internet

CVE2015-7576

POC

cvss

CVSS (Common Vulnerability Scoring System) Calculator CVSSv3.0

filterbypass

gopher-reading-list

A curated selection of blog posts on Go

hackability

Probe a rendering engine for vulnerabilities and other features

IntruderPayloads

A collection of Burpsuite Intruder payloads, fuzz lists and file uploads

JStillery

Advanced JavaScript Deobfuscation via Partial Evaluation

JWT

JWT working and issues

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

projects

python-scripts

SecLists

SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

security_whitepapers

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

tplmap

Automatic Server-Side Template Injection Detection and Exploitation Tool

usefulscripts

virtual-host-discovery

A script to enumerate virtual hosts on a server.

vulnerable-node

A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

weapons4pentester

:gun: :hammer: :syringe: :hocho: This repo contains required files for web application pentest.

websecurity

xss-payload-list

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

XSStrike

Most advanced XSS detection suite.