一款基于James Forshaw的.NET Remoting反序列化工具升级版在TypeFilterLevel.Low模式无文件payload任意代码执行poc的开发心得

Asset inventory of over 800 public bug bounty programs.

Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.

Enterprise Information Service

Knock Subdomain Scan

🕵️‍♂️ All-in-one OSINT tool for analysing any website

A library for detecting known secrets across many web frameworks

Fine-tune your 𝕏 (twitter) experience

Burp Suite extension that offers a toolkit for testing GraphQL endpoints.

A tool for exploring each layer in a docker image

Tools to assess DNS security.

prebuilt binaries for multiple architeture

BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition

Obtain GraphQL API schema even if the introspection is disabled

Prompt Injection Primer for Engineers

i will upload more templates here to share with the comunity.

A Gutenberg code block with syntax highlighting powered by VS Code

🌙 ‎ The optimized dark theme for web development.

An IIS short filename enumeration tool

A Gradio web UI for Large Language Models with support for multiple inference backends.

Find, verify, and analyze leaked credentials

Multithreaded threat Intelligence gathering built with Python3

The 'exploitable' GDB plugin

A list of cyber-chef recipes and curated links

The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices

Run all your bug bounty VPN profiles in parallel and expose them via multiple local SOCKS proxies.

Exploits targeting Symfony

bash script for Subdomain Enumeration