Olivertweesty's Stars
trimstray/the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
OWASP/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
ffuf/ffuf
Fast web fuzzer written in Go
fuzzdb-project/fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
The-Z-Labs/linux-exploit-suggester
Linux privilege escalation auditing tool
gwen001/pentest-tools
A collection of custom security tools for quick needs.
payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
Voorivex/pentest-guide
Penetration tests guide based on OWASP including test cases, resources and examples.
stevenvachon/broken-link-checker
Find broken links, missing images, etc within your HTML.
neex/phuip-fpizdam
Exploit for CVE-2019-11043
1N3/BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
gwen001/github-search
A collection of tools to perform searches on GitHub.
mattiasgeniar/php-exploit-scripts
A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.
B3nac/InjuredAndroid
A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
RUB-NDS/CORStest
A simple CORS misconfiguration scanner
BitTheByte/Monitorizer
Monitoring framework to detect and report newly found subdomains on a specific target using various scanning tools
devploit/XORpass
Encoder to bypass WAF filters using XOR operations.
NotSoSecure/cloud-service-enum
SilverPoision/a-full-list-of-wordlists
this contain the burp pack
Mad-robot/Spartan
My Recon Automation
hexrom/PenetrationTesting-Playbook
Penetration Testing Notes and Playbook (PTP)
netlight/security-challenge
SQL injection challenge
MK-Ware/admin-panel-finder
A powerful admin login page finder in python
sighook/spoofcheck
Simple script that checks a domain for email protections
thegsoinfosec/web-app
Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've helped me discover some stubborn and well hidden XSS vulnerabilities.
J2TEAM/xss-me
A simple web application to learn about Cross-Site Scripting (XSS)
ryotosaito/beginner-sqli
SQL injection hands-on for CTF beginners
Olivertweesty/Andromeda
Andromeda - Interactive Reverse Engineering Tool for Android Applications