bishDOTexe's Stars
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
peass-ng/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
fortra/impacket
Impacket is a collection of Python classes for working with network protocols.
owasp-amass/amass
In-depth attack surface mapping and asset discovery
laramies/theHarvester
E-mails, subdomains and names Harvester - OSINT
nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
OJ/gobuster
Directory/File, DNS and VHost busting tool written in Go
HavocFramework/Havoc
The Havoc Framework
haad/proxychains
proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.
streaak/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
jhaddix/tbhm
The Bug Hunters Methodology
0dayCTF/reverse-shell-generator
Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
sc0tfree/updog
Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.
Bo0oM/fuzz.txt
Potentially dangerous files
HolyBugx/HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
sehno/Bug-bounty
Ressources for bug bounty hunting
chvancooten/maldev-for-dummies
A workshop about Malware Development
tanprathan/OWASP-Testing-Checklist
OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
Flangvik/TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
gmelodie/awesome-wordlists
A curated list wordlists for bruteforcing and fuzzing
zeronetworks/BlueHound
BlueHound - pinpoint the security issues that actually matter
TCM-Course-Resources/Windows-Privilege-Escalation-Resources
Compilation of Resources from TCM's Windows Priv Esc Udemy Course
hmaverickadams/External-Pentest-Checklist
lespalt/iRon
ChristopherA/revocable-self-signed-tls-certificates-hack
As a proof-of-concept, we will show how easy it is to revoke a self-signed certificate using the bitcoin blockchain. This will also demonstrate how we may be able to use similar approaches for more advanced capabilities that current X.509 infrastructure do not.
Almorabea/Polkit-exploit
Privilege escalation with polkit - CVE-2021-3560
zBreeez3y/EzEnum
A simple Bash script to automate some organization and repetitive tasks while doing TryHackMe or HackTheBox machines
scriptjunkie/Hacker-Games-Evil-VM
A CTF VM that fights back
polo-sec/armory
A curated repository of the tools, scripts, resources and programs I use regularly for CTF, BB or other security work.