Pinned Repositories
Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
ArchiveFuzz
Hunt down the secrets from the WebArchives for Fun and Profit
awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources
Blog-Design
bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
certasset
Takes ip range, Scan all open SSL Certs, Grab Cnames
chaospy
Small Tool written based on chaos from projectdiscovery.io
sitakom's Repositories
sitakom/Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
sitakom/ArchiveFuzz
Hunt down the secrets from the WebArchives for Fun and Profit
sitakom/awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources
sitakom/bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
sitakom/certasset
Takes ip range, Scan all open SSL Certs, Grab Cnames
sitakom/chaospy
Small Tool written based on chaos from projectdiscovery.io
sitakom/docs.hackerone.com
HackerOne Platform Documentation
sitakom/FakePip
Pip install exploit package
sitakom/flutter-ssl-bypass
Flutter SSL pinning bypass using IP forwarding
sitakom/github-search
Tools to perform basic search on GitHub.
sitakom/IntruderPayloads
A collection of Burpsuite Intruder payloads, fuzz lists and file uploads
sitakom/ngawur
cuma ngawur sajah
sitakom/nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
sitakom/oneliner-bugbounty
oneliner commands for bug bounties
sitakom/OSCP
#cheat sheet for OSCP
sitakom/OSCP-1
my oscp prep collection
sitakom/OSCP-2
Collection of things made during my OSCP journey
sitakom/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
sitakom/pentest-tools
Custom pentesting tools
sitakom/Red-Teaming-Toolkit
A collection of open source and commercial tools that aid in red team operations.
sitakom/SleuthQL
Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
sitakom/snovvcrash.github.io
:memo:
sitakom/Spring-Boot-Log4j-CVE-2021-44228-Docker-Lab
Spring Boot Log4j - CVE-2021-44228 Docker Lab
sitakom/SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
sitakom/Thorin
sitakom/webshell-detect-bypass
绕过专业工具检测的Webshell研究文章和免杀的Webshell
sitakom/Windows-Keylogger-Powershell-Script
keylogger that send keys through email
sitakom/wso-webshell
🕹 wso php webshell
sitakom/xxer
A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
sitakom/Zeratool
Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems