Starred repositories
This program is a command line utility that allows you to search for a specific pattern in the files of a GitHub repository. It uses the PyGithub library to interact with the GitHub API and the arg…
A collection of Android security-related resources
⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
A list of helpful cybersecurity / infosec resources
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Tool for interacting with Outlook interop during red team engagements
CVE-2020-28243 Local Privilege Escalation Exploit in SaltStack Minion
Fetch many paths for many hosts - without killing the hosts
One place for all the default credentials to assist Blue/Red teamers' activities in finding devices with default passwords 🛡️
🙃 A delightful community-driven (with 2,400+ contributors) framework for managing your zsh configuration. Includes 300+ optional plugins (rails, git, macOS, hub, docker, homebrew, node, php, python…
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
📻 Terminal/ssh/telnet/serialport/RDP/VNC/sftp client (linux, mac, win)
A tool to capture all the git secrets by leveraging multiple open source git searching tools
Spring Boot Actuator (jolokia) XXE/RCE
Test repository for verifying compatibility between adjacent minor versions
Automatic Enumeration Tool based on Open Source tools
CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Project "Flashbang" - An open-source Flash-security helper
💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
https://twitter.com/itsreallynick/status/1120410950430089224
Find interesting Amazon S3 Buckets by watching certificate transparency logs.
A Python-based cross-platform tool that automates the process of detecting and exploiting error-based injection security flaws.