alessio-romano's Stars
minimaxir/big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
juliocesarfort/public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
six2dez/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
s0md3v/AwesomeXSS
Awesome XSS stuff
coreb1t/awesome-pentest-cheat-sheets
Collection of the cheat sheets useful for pentesting
six2dez/OneListForAll
Rockyou for web fuzzing
six2dez/pentest-book
edoardottt/cariddi
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
j3ssie/metabigor
OSINT tools and more but without API key
TakSec/google-dorks-bug-bounty
A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting
six2dez/OSCP-Human-Guide
My own OSCP guide
BullsEye0/dorks-eye
Dorks Eye Google Hacking Dork Scraping and Searching Script. Dorks Eye is a script I made in python 3. With this tool, you can easily find Google Dorks. Dork Eye collects potentially vulnerable web pages and applications on the Internet or other awesome info that is picked up by Google's search bots. Author: Jolanda de Koff
luigigubello/PayloadsAllThePDFs
PDF Files for Pentesting
alessio-romano/Sfoffo-Pentesting-Notes
All knowledge I gained from CTFs, real life penetration testing and learning by myself.
aszx87410/beyond-xss
Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security
R-s0n/bug-bounty-village-defcon32-workshop
The repo contains all the the notes, slides, and study material for my workshop at DEFCON 32 at the Bug Bounty Village
dub-flow/github-dorks
The repository contains useful GitHub dorks for finding open-source vulnerabilities.
alessio-romano/UniXSS
Leverage Uniform Normalization to perform XSS
partywavesec/invesalius3_vulnerabilities
InVesalius discovered CVE. CVE-2024-42845, CVE-2024-44825