One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Playground (and dump) of stuff I make or modify for the Flipper Zero

The Official USB Rubber Ducky Payload Repository

A checklist of things to look for when auditing Solidity smart contracts.

A small collection of potentially useful contract templates

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

The Patterns of Scalable, Reliable, and Performant Large-Scale Systems

Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.

Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.

Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

Scope gathering tool for HackerOne, Bugcrowd, and Intigriti!

https://twitch.tv/mdisec

Community curated list of template files for the nuclei engine to find security vulnerability and fingerprinting the targets.

Metasploit Framework

SSRF (Server Side Request Forgery) testing resources

subdomain bruteforce list