A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

A curated list of Awesome Threat Intelligence resources

🛸 Convert postman collection to OpenAPI

Playwright is a framework for Web Testing and Automation. It allows testing Chromium, Firefox and WebKit with a single API.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z, jar, war, apk and ipa archives.

moved - https://github.com/f7o/aws-serverless-nextcloud

Rewrite of the popular wireless network auditor, "wifite"

The famous Matrix rain effect of falling green characters in a terminal

Nuke them node mods. Its like npm ci but more reliable.

Basic vue-cli project set up using three.js and GLTFLoader