A list of free and open forensics analysis tools and other resources

Mind-Maps of Several Things

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Now, the Host is Mine! - Super Fast Sub-domain Takeover Detection!

A fast, simple, recursive content discovery tool written in Rust.

Simple script for full recon

This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection

HTTP Request Smuggling Detection Tool

Burpsuite Extension to bypass 403 restricted directory

Pentest Report Generator

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web application…

Simple bash script to bypass "403 Forbidden" messages with well-known methods discussed in #bugbountytips

A collection of awesome penetration testing resources, tools and other shiny things

HTTP parameter discovery suite.

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

A pentest reporting tool written in Python. Free yourself from Microsoft Word.

Penetration tests guide based on OWASP including test cases, resources and examples.

A Python program to scrape secrets from GitHub through usage of a large repository of dorks.

Automated & Manual Wordlists provided by Assetnote

Generates permutations, alterations and mutations of subdomains and then resolves them

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists

Custom pentesting tools

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

A collection of hacking / penetration testing resources to make you better!

An Information Security Reference That Doesn't Suck

🐶 A curated list of Web Security materials and resources.

List of Awesome Red Teaming Resources