yield-c's starred repositories
PayloadsAllTheThings
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
modern-js-cheatsheet
Cheatsheet for the JavaScript knowledge you will frequently encounter in modern projects.
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
system-design-interview
System design interview for IT companies
gotraining
Go Training Class Material
awesome-web-security
🐶 A curated list of Web Security materials and resources.
docker-bench-security
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
google-cloud-python
Google Cloud Client Library for Python
SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
awesome-crypto-papers
A curated list of cryptography papers, articles, tutorials and howtos.
virtual-host-discovery
A script to enumerate virtual hosts on a server.
AuthMatrix
AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.
Open-Redirect-Payloads
Open Redirect Payloads
burp-molly-scanner
Turn your Burp suite into headless active web application vulnerability scanner
psychoPATH
psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & web file upload implementations that allow writing files into the webroot (aka document root). The "blind" aspect is the key here and is inherent to dynamic testing, usually conducted with no access to the source code or the filesystem.
burp-tracer
Allows you to trace where inputs are reflected back to the user.