EntimaitHack's Stars
ambionics/symfony-exploits
Exploits targeting Symfony
coffinxp/CorsExploit
waf-bypass-maker/waf-community-bypasses
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
h4x0r-dz/Leaked-Credentials
how to look for Leaked Credentials !
elkokc/reflector
Burp plugin able to find reflected XSS on page in real-time while browsing on site
DhiyaneshGeek/My-Presentation-Slides
Collection's of Tech Talk that are presented by me :)
six2dez/OneListForAll
Rockyou for web fuzzing
ayadim/Nuclei-bug-hunter
i will upload more templates here to share with the comunity.
m4ll0k/SecretFinder
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
orwagodfather/WordList
thecyberneh/wafbypass
Collection of different Web Application Firewall payloads
thecyberneh/inside403
Inside403 is a powerful and versatile web security testing tool designed to assess the robustness of web pages and directories against 403 Forbidden errors. This tool is specifically crafted for security professionals, penetration testers, and ethical hackers who seek to identify potential vulnerabilities in web applications.
CharanRayudu/Custom-Nuclei-Templates
payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
projectdiscovery/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
incogbyte/shosubgo
Small tool to Grab subdomains using Shodan api.
Az0x7/vulnerability-Checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
kleiton0x00/Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
xnl-h4ck3r/GAP-Burp-Extension
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
projectdiscovery/httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
plenumlab/rce-finder
A tool to find good RCE
rohsec/LEAKEY
LEAKEY is a bash script which checks and validates for leaked credentials. The idea behind LEAKEY is to make it highly customizable and easy to add checks for new services.
imran-parray/Mind-Maps
Mind-Maps of Several Things
nullahm/BugBountyCTF-Reports
This repository contains fully disclosed accepted reports for the null Ahmedabad's Bug Bounty CTF.
Ignitetechnologies/bugbounty
R-s0n/Bug_Bounty_Notes
A collection of notes for bug bounty hunting
utkusen/socialhunter
crawls the website and finds broken social media links that can be hijacked
anshumanpattnaik/http-request-smuggling
HTTP Request Smuggling Detection Tool