Custom scripts for directory fuzzing, subdomain enumeration, and more.

An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!

Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

File upload vulnerability scanner and exploitation tool.

Gorgonia is a library that helps facilitate machine learning in Go.

머신러닝 입문자 혹은 스터디를 준비하시는 분들에게 도움이 되고자 만든 repository입니다. (This repository is intented for helping whom are interested in machine learning study)

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Collection of methodology and test case for various web vulnerabilities.

SSRF (Server Side Request Forgery) testing resources

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

A Python program to scrape secrets from GitHub through usage of a large repository of dorks.

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

企业微信报警

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-…

Awesome XSS stuff

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.