The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

Microsoft-Outlook-Remote-Code-Execution-Vulnerability

A cheat sheet that contains advanced queries for SQL Injection of all types.

A tool to quickly do keyword searches over Gitlab and Github for OSINT & bug bounty recon

A next-generation crawling and spidering framework.

Find broken links, missing images, etc within your HTML.

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

A fast tool to scan CRLF vulnerability written in Go

Top disclosed reports from HackerOne

This script grab public report from hacker one and make some folders with poc videos

A list of public penetration test reports published by several consulting firms and academic security groups.

Hash

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

simple recon tool to help you for searching vulnerability on web server

Easily schedule commands to run multiple times at set intervals (like a cronjob, but with one command)

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

Collection of methodology and test case for various web vulnerabilities.

Gather and update all available and newest CVEs with their PoC.

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

Awesome list of step by step techniques to achieve Remote Code Execution on various apps!

Free, libre, effective, and data-driven wordlists for all!

XSS tricked I have used before.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Azure Red Team tool for graphing Azure and Azure Active Directory objects

A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.

🛡️ Awesome Cloud Security Resources ⚔️