PandasAreBears
Follow
Stars
A curated list of awesome reversing resources
Breaking ECDSA (not so broken) with LLL
Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Key Exchange, Authentication methods along with example challenge…
Some setup scripts for security research tools.
fpicker is a Frida-based fuzzing suite supporting various modes (including AFL++ in-process fuzzing)
A next-generation crawling and spidering framework.
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
A list of resources for those interested in getting started in bug bounties
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…
📱 objection - runtime mobile exploration
A curated list of various bug bounty tools
Asset inventory of over 800 public bug bounty programs.
Fast passive subdomain enumeration tool.
🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
A Python 3.12+ library to pack and unpack structured binary data.
Papers from the computer science community to read and discuss.
Practical Cryptography for Developers: Hashes, MAC, Key Derivation, DHKE, Symmetric and Asymmetric Ciphers, Public Key Cryptosystems, RSA, Elliptic Curves, ECC, secp256k1, ECDH, ECIES, Digital Sign…
A decorator for wrapping Python functions to generate an OpenAI GPT function calling schema.
Here you can find write ups for iOS Vulnerabilities that have been released.