A community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms currently active on the Internet.

Identify the attack paths in BloodHound breaking your AD tiering

A collection of awesome penetration testing resources, tools and other shiny things

Pentesting Android Application Course For Kids+ (English and Vietnamese edition)

This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location

A repository that includes all the important wordlists used while bug hunting.

🖤 Create and share beautiful images of your source code

An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

A list of resources for those interested in getting started in bug bounties

Awesome XSS stuff

Information gathering framework for phone numbers

Rock-On is a all in one Recon tool that will just get a single entry of the Domain name and do all of the work alone.

Open source education content for the researcher community

A Tool for Domain Flyovers

A cross-platform note-taking & target-tracking app for penetration testers.

Most advanced XSS scanner.