kh4sh3i
Follow
Stars
Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
A fast, simple, recursive content discovery tool written in Rust.
Take a list of domains and probe for working HTTP and HTTPS servers
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Accept URLs on stdin, replace all query string values with a user-supplied value
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
Fetch all the URLs that the Wayback Machine knows about for a domain
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Find domains and subdomains related to a given domain
A list of interesting payloads, tips and tricks for bug bounty hunters.
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
A list of useful payloads and bypass for Web Application Security and Pentest/CTF