hiddengearz's Stars
OWASP/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
owasp-amass/amass
In-depth attack surface mapping and asset discovery
go-swagger/go-swagger
Swagger 2.0 implementation for go
HackTricks-wiki/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
OWASP/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
fnproject/fn
The container native, cloud agnostic serverless platform.
neutrinolabs/xrdp
xrdp: an open source RDP server
s0md3v/Arjun
HTTP parameter discovery suite.
aws-samples/aws-cdk-examples
Example projects using the AWS CDK
KingOfBugbounty/KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
TheRook/subbrute
A DNS meta-query spider that enumerates DNS records, and subdomains.
ohpe/juicy-potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
infosec-au/altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
defparam/smuggler
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
m4ll0k/Atlas
Quick SQLMap Tamper Suggester
codingo/Interlace
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
R0X4R/Garud
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
robre/jsmon
a javascript change monitoring tool for bugbounties
milo2012/pathbrute
Pathbrute
BuddhaLabs/PacketStorm-Exploits
Collection of publicly available exploits from Packetstorm
ThreatUnknown/jsubfinder
jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).
defparam/tiscripts
Turbo Intruder Scripts
nahamsec/crtndstry
Yet another subdomain finder
ptswarm/ptswarm-twitter
SecAuraYT/OSWE
Repo for OSWE related video content for @SecAura Youtube Channel
pentestify/security-remediation-guides
Security Remediation Guides