Nexsus1985's Stars
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
blaCCkHatHacEEkr/PENTESTING-BIBLE
articles
1N3/Sn1per
Attack Surface Management Platform
EdOverflow/bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
k8gege/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
payloadbox/sql-injection-payload-list
🎯 SQL Injection Payload List
snoopysecurity/awesome-burp-extensions
A curated list of amazingly awesome Burp Extensions
bit4woo/knife
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
elkokc/reflector
Burp plugin able to find reflected XSS on page in real-time while browsing on site
alphaSeclab/awesome-burp-suite
Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
wireghoul/dotdotpwn
DotDotPwn - The Directory Traversal Fuzzer
nccgroup/AutoRepeater
Automated HTTP Request Repeating With Burp Suite
bit4woo/reCAPTCHA
reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
ewilded/shelling
SHELLING - a comprehensive OS command injection payload generator
cyberheartmi9/PayloadsAllTheThings
SpiderMate/B-XSSRF
Toolkit to detect and keep track on Blind XSS, XXE & SSRF
connormcgarr/Exploit-Development
zer0yu/Berserker
A list of useful payloads for Web Application Security and Pentest/CTF
c0ny1/HTTPHeadModifer
一款快速修改HTTP数据包头的Burp Suite插件
mystech7/Burp-Hunter
XSS Hunter Burp Plugin
BitTheByte/BitBlinder
BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities
Sy3Omda/burp-bounty
Burp Bounty profiles
attackercan/burp-xss-sql-plugin
ankitk323/ImgRce
Image Tragick Exploit Tool Using Burp Collaborator
yavolo/Web-CTF-Cheatsheet
Web CTF CheatSheet 🐈
augustd/burp-suite-jsonpath
JSONPath extension for BurpSuite
ivision-research/burp-highlighter
josdoaitran/payload-for-security-testing
List out all of payload for security testing
pcdunyasitv/XSSPWN
dradis/dradis-burp
Burp Suite plugin for the Dradis Framework