BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

All About Web Recon & OSINT

The most powerful CRLF injection (HTTP Response Splitting) scanner.

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

Prototype pollution scanner using headless chrome

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

Web Security Scanner

An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

Curating the best DevSecOps resources and tooling.

😎 Awesome lists about all kinds of interesting topics

Guide to securing and improving privacy on macOS

Conceitos sobre Security-by-Design e alguns passos sobre como implementar isso no dia-a-dia.

Checklist of the most important security countermeasures when designing, testing, and releasing your API

🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/

HTTP Request Smuggling Detection Tool

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

A list of open source web security scanners

The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.

An IIS short filename enumeration tool

A curated list of free courses with certifications.

Starkiller is a Frontend for PowerShell Empire.

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

Scapy: the Python-based interactive packet manipulation program & library.

🐶 A curated list of Web Security materials and resources.

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

Great security list for fun and profit

cheat allows you to create and view interactive cheatsheets on the command-line. It was designed to help remind *nix system administrators of options for commands that they use frequently, but not …

🔒 A collection of cheatsheets for various infosec tools and topics.

Use your macOS terminal shell to do awesome things.