A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
Updated
May 31, 2023 - Python
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A collection of hacking tools, resources and references to practice ethical hacking.
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
A list of resources for those interested in getting started in bug bounties
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Program for determining types of files for Windows, Linux and MacOS.
A curated list of awesome infosec courses and training resources.
Next generation web scanner
暂停维护 | ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
A fast, simple, recursive content discovery tool written in Rust.
All about bug bounty (bypasses, payloads, and etc)
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password
Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。10.10.6内置230个功能模块,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange
Add a description, image, and links to the pentest topic page so that developers can more easily learn about it.
To associate your repository with the pentest topic, visit your repo's landing page and select "manage topics."