Pinned Repositories
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
awesome-burp-extensions
A curated list of amazingly awesome Burp Extensions
awesome-burp-suite
Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
h4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
hackerone-reports
Top disclosed reports from HackerOne
MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
PhishingLogin
钓鱼页账号密码接收脚本
Red-Team-links
2019年红队资源链接,资源不是本人整理出来,来自互联网,因为流传的少,特意在此做个备份,做个分享。
Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
VpsEnvInstall
一键部署渗透VPS
fuzz-security's Repositories
fuzz-security/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
fuzz-security/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
fuzz-security/hackerone-reports
Top disclosed reports from HackerOne
fuzz-security/PhishingLogin
钓鱼页账号密码接收脚本
fuzz-security/BurpSuite-Secret_Finder
Burp Suite extension to discover apikeys/accesstokens and sensitive data from HTTP response.
fuzz-security/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
fuzz-security/PENTESTING-BIBLE
Updates to this repository will continue to arrive until the number of links reaches 10000 links & 10000 pdf files .Learn Ethical Hacking and penetration testing .hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.
fuzz-security/SecretFinder
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
fuzz-security/Autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
fuzz-security/collection-document
Collection of quality safety articles
fuzz-security/CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
fuzz-security/from-rd-to-vul-research
From RD to Vulnerability Research
fuzz-security/Gf-Patterns
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
fuzz-security/github-email
Get a GitHub user's email. :sunglasses: Use this responsibly.
fuzz-security/HttpCanary
A powerful capture and injection tool for the Android platform
fuzz-security/IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
fuzz-security/jadx
Dex to Java decompiler
fuzz-security/nightmare
fuzz-security/open-proxy
一键部署被墙网站反向代理; 免翻墙访问被禁网站
fuzz-security/openfortigui
VPN-GUI to connect to Fortigate-Hardware, based on openfortivpn
fuzz-security/paramFuzzer
一款高效的参数fuzz工具|A faster param fuzzing test tool
fuzz-security/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
fuzz-security/python_code_audit
python 代码审计项目
fuzz-security/SatanSword
红队综合渗透框架
fuzz-security/scrapy
Scrapy, a fast high-level web crawling & scraping framework for Python.
fuzz-security/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
fuzz-security/Sn1per
Automated pentest framework for offensive security experts
fuzz-security/Sublist3r
Fast subdomains enumeration tool for penetration testers
fuzz-security/tiscripts
Turbo Intruder Scripts
fuzz-security/toBeTopJavaer
To Be Top Javaer - Java工程师成神之路