blackmanjack's Stars
s0md3v/Corsy
CORS Misconfiguration Scanner
0xacb/recollapse
REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
epinna/tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
R-s0n/ars0n-framework
A Modern Framework for Bug Bounty Hunting
rodolfomarianocy/OSCP-Tricks-2023
OSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines
plenumlab/rce-finder
A tool to find good RCE
chaitin/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
BugBountyzip/Bambdas
0xsyr0/OSCP
OSCP Cheat Sheet
iosiro/baserunner
A tool for exploring Firebase datastores.
security-prince/PWK-OSCP-Preparation-Roadmap
Roadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome
0x4D31/awesome-oscp
A curated list of awesome OSCP resources
RustyShackleford221/OSCP-Prep
A comprehensive guide/material for anyone looking to get into infosec or take the OSCP exam
RihaMaheshwari/OSCP-Preparation-Material
All in One OSCP Preparation Material
Malfrats/xeuledoc
Fetch information about a public Google document.
AlbusSec/Penetration-List
Penetration-List: A comprehensive resource for testers, covering all types of vulnerabilities and materials used in Penetration Testing. Includes payloads, dorks, fuzzing materials, and offers in-depth theory sections. Visit our Medium profile for more information.
ElSicarius/findalllinks
A tool to extract all the urls and paths found in the content of a page (js sources included)
brcyrr/OSCP
#cheat sheet for OSCP
reewardius/bbFuzzing.txt
saisathvik1/OSCP-Cheatsheet
OSCP Cheatsheet by Sai Sathvik
duckduckgo/tracker-radar
Data set of top third party web domains with rich metadata about them
botesjuan/Burp-Suite-Certified-Practitioner-Exam-Study
Burp Suite Certified Practitioner Exam Study
d3mondev/puredns
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
Brum3ns/encode
Script to read input from stdin and encode it
visma-prodsec/confused
Tool to check for dependency confusion vulnerabilities in multiple package management systems
x1337loser/Dependency-Confusion
All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)
carlospolop/fuzzhttpbypass
This tool use fuuzzing to try to bypass unknown authentication methods, who knows...
PentestPad/subzy
Subdomain takeover vulnerability checker
sa1tama0/Blind-XSS-SVG
Blind XSS SVG
Bo0oM/fuzz.txt
Potentially dangerous files