Stars
Advanced external automation on bug bounty programs by running the best set of tools to perform scanning and finding out vulnerabilities.
A curated list of security card games.
Defensomania is a security monitoring and incident response card game.
A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!
Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure
Offensive Software Exploitation Course
Another Windows Local Privilege Escalation from Service Account to System
WhiteWinterWolf's PHP web shell
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
Complete Automated pentest framework for Servers, Application Layer to Web Security
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
泛微OA /services%20/WorkflowServiceXml的反序列化调整
Wiki to collect Red Team infrastructure hardening resources
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A curated list of resources related to Industrial Control System (ICS) security.
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Writeups for HacktheBox 'boot2root' machines