Stars
An step by step fuzzing tutorial. A GitHub Security Lab initiative
How to write a very simple JIT compiler
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).
Most of the Google Acquisitions for Bug Bounty Hunter.
🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
tomnomnom / dnsgrep
Forked from erbbysam/DNSGrepQuickly Search Large DNS Datasets
A Go library for making HTTP requests with complete control
How to exploit a double free vulnerability in 2021. Use After Free for Dummies
A games launcher for GOG, Amazon and Epic Games for Linux, Windows and macOS.
Automation for javascript recon in bug bounty.
A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact dire…
📖 A Golang library for text processing, including tokenization, part-of-speech tagging, and named-entity extraction.
An open source multi-tool for exploring and publishing data
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Voxel plugin for the Godot game engine!
Enumerate the permissions associated with AWS credential set
XSS payloads for exploiting Markdown syntax
Golang client for querying SecurityTrails API data