A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Updated Jun 19, 2024 - Python
A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
Web path scanner
OneForAll is a powerful subdomain collection tool
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Scanning APK file for URIs, endpoints & secrets.
A curated list of bugbounty writeups (Bug type wise), inspired from https://github.com/ngalongc/bug-bounty-reference
Automated All-in-One OS Command Injection Exploitation Tool.
A recursive internet scanner for hackers.
A collection of custom security tools for quick needs.
Automated NoSQL database enumeration and web application exploitation tool.
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Flutter Reverse Engineering Framework
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.