DoS0x99
~ Software Engineer | Security Enthusiast | ~ Love to see how things work behind the scene
somewhere in the universe
DoS0x99's Stars
shieldfy/API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
The-Art-of-Hacking/h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
streaak/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
google/security-research
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
0xsyr0/OSCP
OSCP Cheat Sheet
assetnote/kiterunner
Contextual Content Discovery Tool
six2dez/OneListForAll
Rockyou for web fuzzing
0xSobky/HackVault
A container repository for my public web hacks!
ThePorgs/Exegol
Fully featured and community-driven hacking environment
0vercl0k/rp
rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
hahwul/DevSecOps
♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎
ine-labs/AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
iamj0ker/bypass-403
A simple script just made for self use for bypassing 403
lobuhi/byp4xx
40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...
stong/infosec-resources
A list of helpful cybersecurity / infosec resources
mchehab/zbar
ZBar is an open source software suite for reading bar codes from various sources, including webcams. As its development stopped in 2012, I took the task of keeping it updated with the V4L2 API. This is the main repository for it. There's a clone at at LinuxTV.org, and another one at gitlab.
assetnote/surf
Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.
trufflesecurity/xsshunter
hakluke/bug-bounty-standards
A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way that specific situations are handled in bug bounties.
yevh/VulnPlanet
Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)
gotr00t0day/forbiddenpass
m0nad/DNS-Discovery
DNS-Discovery is a multithreaded subdomain bruteforcer.
cezary-sec/awesome-browser-security
A curated list of awesome browser security learning material.
ariary/notionterm
🖥️📖 Embed reverse shell in Notion pages
star-sg/Presentations
w3c/secure-payment-confirmation
Secure Payment Confirmation (SPC)
phlmox/public-reports
bug bounty disclosed reports
zPrototype/bugbounty_stuff
PatrikFehrenbach/practical-bug-bounty
A Django web application for curating Bug Bounty educational Videos
Probely/vulnerabilities-knowledge-base
Vulnerability