Open-source AI agents for penetration testing

All about bug bounty (bypasses, payloads, and etc)

OSCP Exam Cheat Sheet

jsleak is a tool to find secret , paths or links in the source code during the recon.

Collection of CTF Web challenges I made

Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

Tools and Techniques for Red Team / Penetration Testing

Unofficial revival of the well known .NET debugger and assembly editor, dnSpy

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

java内存对象搜索辅助工具

ysoserial修改版，着重修改ysoserial.payloads.util.Gadgets.createTemplatesImpl使其可以通过引入自定义class的形式来执行命令、内存马、反序列化回显。

The cheat sheet about Java Deserialization vulnerabilities

Automated & Manual Wordlists provided by Assetnote

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

A next-generation crawling and spidering framework.

Writeups for the challenges from DownUnderCTF 2021

dotnet 反序列化学习笔记

Subdomain Enumeration using Securitytrails API