Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, col…

60k+ WordPress Nuclei templates, updated daily from Wordfence intel—filter by severity/tags/CVE and scan in one line. 🚀🔒

Linux privilege escalation auditing tool

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

The Swiss Army knife for automated Web Application Testing

A little tool to play with Windows security

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

Community curated list of templates for the nuclei engine to find security vulnerabilities.

⚡ Dynamically generated stats for your github readmes

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …