Stars
OWASP Foundation Web Repository
Binary instrumentation framework based on FRIDA
Monitor Linux processes without root permissions
A vulnerable application exposing Spring Boot Actuators
Trac is an enhanced wiki and issue tracking system for software development projects (mirror)
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
A list of interesting payloads, tips and tricks for bug bounty hunters.
Prototype Pollution and useful Script Gadgets
The Burp extension to check JWT (JSON Web Tokens) for using keys known from public sources
Framework for blind boolean-based SQL injection exploitation. Use it if sqlmap does shit.
DIVA Android - Damn Insecure and vulnerable App for Android
Sonar is a security researcher's Swiss army knife for finding and exploiting vulnerabilities that require out-of-band interactions
Another way to bypass WAF Cheat Sheet (draft)
A collection of Android security related resources
Python utility to takeover domains vulnerable to AWS NS Takeover
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
Pentest/BugBounty progress control with scanning modules
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
A demo of cross-origin login detection for most major web platforms