prime-hacker's Stars
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
poteto/hiring-without-whiteboards
⭐️ Companies that don't have a broken hiring process
ffuf/ffuf
Fast web fuzzer written in Go
owasp-amass/amass
In-depth attack surface mapping and asset discovery
obsidianmd/obsidian-releases
Community plugins list, theme list, and releases of Obsidian.
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
geohot/fromthetransistor
From the Transistor to the Web Browser, a rough outline for a 12 week course
onlurking/awesome-infosec
A curated list of awesome infosec courses and training resources.
EdOverflow/can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
devanshbatham/Awesome-Bugbounty-Writeups
A curated list of bug bounty writeups (bug type wise), inspired by https://github.com/ngalongc/bug-bounty-reference
djadmin/awesome-bug-bounty
A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
jhaddix/tbhm
The Bug Hunters Methodology
RoganDawes/P4wnP1_aloa
P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Raspberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appliance".
0x90n/InfoSec-Black-Friday
All the deals for InfoSec related software/tools this Black Friday
RetireJS/retire.js
Scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
projectdiscovery/interactsh
An OOB interaction gathering server and client library
pentestmonkey/php-reverse-shell
sushiwushi/bug-bounty-dorks
List of Google Dorks for sites that have responsible disclosure program / bug bounty program
tadwhitaker/Security_Engineer_Interview_Questions
Every Security Engineer Interview Question From Glassdoor.com
sajjadium/ctf-archives
CTF Archives: Collection of CTF Challenges.
BlackArch/webshells
Various webshells. We accept pull requests for additions to this collection.
hisxo/ReconAIzer
A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!
0xPugal/fuzz4bounty
1337 Wordlists for Bug Bounty Hunting
bobby-lin/study-bug-bounty
Beginner Guide to Bug Hunting
Hari-prasaanth/Web-App-Pentest-Checklist
An OWASP Based Checklist With 500+ Test Cases
disclose/bug-bounty-platforms
A community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms currently active on the Internet.
stravo1/obsidian-gdrive-sync
Sync notes across devices in Obsidian via Google Drive
7h3rAm/writeups
Writeups for vulnerable machines.
DownUnderCTF/Challenges_2023_Public
Files + Writeups for DownUnderCTF 2023 Challenges
PwnDefend/Hacking101