phong1337's Stars
n8n-io/n8n
Free and source-available fair-code licensed workflow automation tool. Easily automate tasks across different services.
toniblyx/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
realpython/materials
Bonus materials, exercises, and example projects for our Python tutorials
Arachni/arachni
Web Application Security Scanner Framework
arkadiyt/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
Qianlitp/crawlergo
A powerful browser crawler for web vulnerability scanners
kleiton0x00/Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
Threezh1/JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
JoyChou93/java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
zhzyker/dismap
Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点
API-Security/APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
veo/vscan
开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)
BlackFan/client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
maK-/parameth
This tool can be used to brute discover GET and POST parameters
Qianlitp/WatchAD
AD Security Intrusion Detection System
iangcarroll/cookiemonster
🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
nccgroup/sadcloud
A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure
aufzayed/bugbounty
Bugbounty Resources
nahamsec/lazys3
msrkp/PPScan
Client Side Prototype Pollution Scanner
root-tanishq/userefuzz
User-Agent , X-Forwarded-For and Referer SQLI Fuzzer
RhinoSecurityLabs/Cloud-Security-Research
Cloud-related research releases from the Rhino Security Labs team.
winsecurity/Offensive-Rust
geeknik/the-nuclei-templates
Nuclei templates written by us.
geeksonsecurity/vuln-web-apps
A curated list of vulnerable web applications.
usdAG/slipit
Utility for creating ZipSlip archives
gwen001/gitlab-subdomains
Find subdomains on GitLab.
projectdiscovery/fuzzing-templates
Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
alex91ar/randomstringutils
Cracker for Apache.lang.commons RandomStringUtils(). Code for "The Java Soothsayer" talk at EkoParty 2017 by Alejo Popovici.
BrunoHalltari/CTF-Writeups
Here i will post my writeups :)