Tool for searching Exploits from Exploit Databases, etc.

🔍 Overwatch is an automated vulnerability scanning and notification bash wrapper designed for continuous monitoring and reporting of 🛡️ critical and ⚠️ high-severity findings. It leverages Axiom, S…

A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

一款长亭自研的完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

A complete security assessment tool that supports common web security issues scanning and custom POC | Be sure to read the document before using.

Recon-Ninja

Collection of Penetration Testing Interview Questions across various domains, including Information Security, Network Security, Web Security and API Security. This repository helps enthusiasts prep…

The Nen Book is a list of personal notes and tips collected from a lot of recourses in different categories like: WebApp Security, API Security, Cloud Security, Network Pentesting, Code Review, Thr…

Top disclosed reports from HackerOne

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A cheat sheet that contains advanced queries for SQL Injection of all types.

how to look for Leaked Credentials !

All about bug bounty (bypasses, payloads, and etc)

Pull out bits of URLs provided on stdin

Fetches javascript file from a list of URLS or subdomains.

Mind-Maps of Several Things

10,000 H1 Disclosed Reports

OWASP Web Application Security Testing Checklist

My Private Bug Hunting Methodology

Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X!

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

List of reporting templates I have used since I started doing BBH.

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

The Bug Hunters Methodology