gregxsunday's Stars
justcatthefish/justctf-2023
justCTF 2023 challenges sources
EdOverflow/can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
notthehiddenwiki/NTHW
Not The Hidden Wiki - The largest repository of links related to cybersecurity
narfindustries/http-garden
Differential testing and fuzzing of HTTP servers and proxies
doyensec/Session-Hijacking-Visual-Exploitation
Session Hijacking Visual Exploitation
Escape-Technologies/graphql-wordlist
The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
owasp-amass/amass
In-depth attack surface mapping and asset discovery
BishopFox/jsluice
Extract URLs, paths, secrets, and other interesting bits from JavaScript
cure53/Contracts
A small collection of potentially useful contract templates
cujanovic/SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
espanso/espanso
Cross-platform Text Expander written in Rust
doyensec/PESD-Exporter-Extension
PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
hisxo/ReconAIzer
A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!
hwchase17/adversarial-prompts
Curation of prompts that are known to be adversarial to large language models
robre/jsmon
a javascript change monitoring tool for bugbounties
corkami/pics
File formats dissections and more...
immunefi-team/Web3-Security-Library
Information about web3 security and programming tutorials/tools
chbrown/unmap
Unpack a JavaScript Source Map back into filesystem structure
wireghoul/graudit
grep rough audit - source code auditing tool
stark0de/nginxpwner
Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.
justcatthefish/ctf-writeups
CTF write-ups
xdavidhu/awesome-google-vrp-writeups
🐛 A list of writeups from the Google VRP Bug Bounty program
jagracey/Awesome-Unicode
😂 👌 A curated list of delightful Unicode tidbits, packages and resources.
stripe/smokescreen
A simple HTTP proxy that fogs over naughty URLs
jhipster/generator-jhipster
JHipster is a development platform to quickly generate, develop, & deploy modern web applications & microservice architectures.
ckkok/spring4shell-poc
dylanaraps/pure-bash-bible
📖 A collection of pure bash alternatives to external processes.
assetnote/blind-ssrf-chains
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
Puliczek/awesome-list-of-secrets-in-environment-variables
🦄🔒 Awesome list of secrets in environment variables 🖥️
hakluke/bug-bounty-standards
A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way that specific situations are handled in bug bounties.