This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.

This script is intended to automate your reconnaissance process in an organized fashion

A list of resources for those interested in getting started in bug bounties

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

🤖 The Modern Port Scanner 🤖

Community curated list of public bug bounty and responsible disclosure programs.

Nuclei plugin for BurpSuite

Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.

dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

Community curated list of templates for the nuclei engine to find security vulnerabilities.

A next-generation crawling and spidering framework.

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Red Insight is a comprehensive repository dedicated to documenting penetration testing techniques, tools, and findings. It serves as a resource for security professionals looking to deepen their un…

Differential fuzzing REPL for HTTP implementations.

Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)

🕵️‍♂️ All-in-one OSINT tool for analysing any website

The Linux Kernel Module Programming Guide (updated for 5.0+ kernels)

This repository contains sample programs that mimick behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to …

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

Beginner Friendly Rust Security Workshop

The repo contains a series of challenges for learning Frida for Android Exploitation.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Bambdas collection for Burp Suite Professional and Community.

A quick example of how one can "synchronize" a 3d scene across multiple windows using three.js and localStorage

An HTTP toolkit for security research.

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

A collection of modern/faster/saner alternatives to common unix commands.