One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

A collection of one-liners for bug bounty hunting.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

simple script to extract all web resources by means of .SVN folder exposed over network.

Collection of methodology and test case for various web vulnerabilities.

Find web directories without bruteforce

An advanced subdomain discovery service with fast, powerful and easy to use API and DNS history.

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way …

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.