shayansec's Stars
zapstiko/Hacking-PDF
Here Are Some Popular Hacking PDF
0xsha/GoLinkFinder
A fast and minimal JS endpoint extractor
tuhin1729/Bug-Bounty-Methodology
These are my checklists which I use during my hunting.
gracenolan/Notes
B3nac/Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
CyberSecurityUP/Guide-CEH-Practical-Master
Bo0oM/fuzz.txt
Potentially dangerous files
xnl-h4ck3r/GAP-Burp-Extension
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
sw33tLie/bbscope
Scope gathering tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
KingOfBugbounty/KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
gmelodie/awesome-wordlists
A curated list wordlists for bruteforcing and fuzzing
devanshbatham/ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
devanshbatham/OpenRedireX
A fuzzer for detecting open redirect vulnerabilities
payloadbox/xxe-injection-payload-list
🎯 XML External Entity (XXE) Injection Payload List
payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
jdonsec/AllThingsSSRF
This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
the-xentropy/samlists
Free, libre, effective, and data-driven wordlists for all!
xdavidhu/awesome-google-vrp-writeups
🐛 A list of writeups from the Google VRP Bug Bounty program
Proviesec/google-dorks
Useful Google Dorks for WebSecurity and Bug Bounty
gquere/pwn_jenkins
Notes about attacking Jenkins servers
ticarpi/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
pentestmonkey/php-reverse-shell
xnl-h4ck3r/waymore
Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!
hackerscrolls/SecurityTips
edoardottt/companies-hiring-security-remote
List of companies that hire security people full remote.
Karanxa/Bug-Bounty-Wordlists
A repository that includes all the important wordlists used while bug hunting.
orwagodfather/x
andresriancho/enumerate-iam
Enumerate the permissions associated with AWS credential set
MrEmpy/mantra
「🔑」A tool used to hunt down API key leaks in JS files and pages
tamimhasan404/Chart-Of-Wordlist
Chart-Of-Wordlist helps to create your own custom wordlist. Also in one repository, you can find a list of awesome wordlist.