MPaandeey's Stars
zigoo0/JSONBee
A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.
federicodotta/Java-Deserialization-Scanner
All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
ffuf/ffuf
Fast web fuzzer written in Go
s0md3v/Arjun
HTTP parameter discovery suite.
vitalysim/totalrecon
TotalRecon installs all the recon tools you need
tomnomnom/waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
sehno/Bug-bounty
Ressources for bug bounty hunting
devanshbatham/OpenRedireX
A fuzzer for detecting open redirect vulnerabilities
edduu/Arjun
HTTP parameter discovery suite.
devanshbatham/ArchiveFuzz
Hunt down the secrets from the WebArchives for Fun and Profit
devanshbatham/ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
projectdiscovery/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
ehrishirajsharma/Swiftness
A note-taking macOS app for penetration-testers.
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
codewatchorg/Burp-AnonymousCloud
Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities
infoslack/awesome-web-hacking
A list of web application security
kaushikgopal/RxJava-Android-Samples
Learning RxJava for Android by example
We5ter/Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
gwen001/pentest-tools
A collection of custom security tools for quick needs.
arismelachroinos/lscript
The LAZY script will make your life easier, and of course faster.
WebGoat/WebGoat
WebGoat is a deliberately insecure application
ac-pm/SSLUnpinning_Xposed
Android Xposed Module to bypass SSL certificate validation (Certificate Pinning).
foospidy/payloads
Git All the Payloads! A collection of web attack payloads.
wagiro/BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
s0md3v/AwesomeXSS
Awesome XSS stuff
EdOverflow/bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
blaCCkHatHacEEkr/PENTESTING-BIBLE
articles
hakluke/hakrawler
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Leoid/MatchandReplace
Match and Replace script used to automatically generate JSON option file to BurpSuite