Stars
All about bug bounty (bypasses, payloads, etc.)
Writeups for HacktheBox 'boot2root' machines
📡 PoC auto collect from GitHub.
Open-source vulnerability disclosure and bug bounty program database
Burp Bounty (Scan Check Builder in BApp Store) is an extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules thro…
CVE-2018-10933 libssh authentication bypass
Vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
E-mails, subdomains and names Harvester - OSINT
Disposable and resilient red team infrastructure with Terraform
A repository with 3 tools for pwn'ing websites with .git repositories available
Change monitoring app that checks the content of web pages in different periods.
AV/EDR evasion via direct system calls.
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens
Accept URLs on stdin, replace all query string values with a user-supplied value
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
A Python program to scrape secrets from GitHub through usage of a large repository of dorks.
Basic C# Project that will take an MSBuild payload and run it with MSBuild via ClickOnce.
🔥 Web-application firewalls (WAFs) from security standpoint.