A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

The ultimate WinRM shell for hacking/pentesting

Adversary Emulation Framework

Covenant is a collaborative .NET C2 framework for red teamers.

real time face swap and one-click video deepfake with only a single image

DLL and PowerShell script to assist with finding DLL hijacks

Work in progress...

A modern tool written in Python that automates your xss findings.

This repo will contain some basic pentest/RT commands.

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way that specific situations are handled in bug bounties.

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

Ressources for bug bounty hunting

Tools and Techniques for Red Team / Penetration Testing

Remote CLI tools at your fingertips

This repository contains Bug Bounty writeups

This is a python wrapper around the amazing KNOXSS API by Brute Logic

Recon MindMap (RMM)

Red team Interview Questions

CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.

Web Attack Cheat Sheet

A collection of awesome one-liner scripts especially for bug bounty tips.

OneForAll是一款功能强大的子域收集工具

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Automatically install some web hacking/bug bounty tools.

This is a multi-use bash script for Linux systems to audit wireless networks.

The Bug Hunters Methodology