Lists (32)
Sort Name ascending (A-Z)
💚 android
🤖 automated scanners
🟦 blue
🧰 burp
🔖 cheatsheets
🌩️ cloud
🔎 code-audit
🔐 crypto
🕸️ ctf
🧶 (de)obfuscate
⌨️ development
🗒️ domains/subdomains
🔠 encoding/charsets
🕵️ forensics
🔩 general automation
📱 iOS
🌐 IoT
🍏 macOS
🌐 networking
🐧 nix
github
🕵️ OSINT
✂️ parsers
💣 PoCs
🌀 random
🟥 red
♻️ reverse
🥷 sec automation
😷 vulnerable apps
🕸️ webappsec
📜 wordlists
📖 writeups/research
Stars
- All languages
- Assembly
- BlitzBasic
- C
- C#
- C++
- CSS
- Clojure
- CoffeeScript
- DIGITAL Command Language
- Dart
- Dockerfile
- Emacs Lisp
- FreeMarker
- Go
- HTML
- Handlebars
- Haskell
- Inno Setup
- Java
- JavaScript
- Jinja
- Jupyter Notebook
- Kotlin
- Lua
- Makefile
- Markdown
- Modula-2
- OCaml
- Objective-C++
- PHP
- Pascal
- Perl
- PowerShell
- Python
- QML
- Ruby
- Rust
- SCSS
- Shell
- Smali
- Solidity
- Starlark
- Svelte
- Swift
- TeX
- TypeScript
- VCL
- Vim Script
- Visual Basic .NET
- Vue
- YARA
A tool for testing for certificate validation vulnerabilities of TLS connections made by a client device or an application.
Differential fuzzing REPL for HTTP implementations.
Pre-Built Vulnerable Environments Based on Docker-Compose
⭐️ Let's turn this readme into a galaxy of stars!
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
A collection of Server-Side Prototype Pollution gadgets and exploits
🤪 A list of funny and tricky JavaScript examples
fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
A toy compiler that can convert Python scripts 🐍 to pickle bytecode 🥒
A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
🤖🏴☠️ radare2 plugin for GPT-4 🦜. Solve crackmes automatically 🪄
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
A projectdiscovery driven attack surface monitoring bot powered by axiom
Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Services
The main goal of this repo is to learn about the gRPC communication patterns and hunt for vulnerabilities in the gRPC-Web app to improve your hunting skills
Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.
sorted russian names/surnames wordlists
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
Fuzz WebSockets with custom Python code
Save your dorking results to the terminal. A modified version of TomNomNom's amazing tool!
A simple plugin to export JS files from one or multiple targets
For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)
Extract JavaScript source trees from Sourcemap files