A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Reverse engineering focusing on x64 Windows.

Phison 2251-03 (2303) Custom Firmware & Existing Firmware Patches (BadUSB)

The Official Bash Bunny Payload Repository

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

All about bug bounty (bypasses, payloads, and etc)

CTF Archives: Collection of CTF Challenges.

Come and join us, we need you!

Google CTF

CTFs as you need them

Pre-Built Vulnerable Environments Based on Docker-Compose

Main Sigma Rule Repository

A toolset to make a system look as if it was the victim of an APT attack

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

A curated list of CTF frameworks, libraries, resources and softwares

The all-in-one browser extension for offensive security professionals 🛠

Web CTF CheatSheet 🐈

Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

Starkiller is a Frontend for PowerShell Empire.

MAC address age tracking

My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

CTF chall write-ups, files, scripts etc (trying to be more organised LOL)

Source code for the 2022 DEF CON Qualifiers.