For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

A list of resources for those interested in getting started in bug bounties

A deep look at some recon methodologies and web-application vulnerabilities of my interest where I will merge all my notes gathered from books, videos, articles and own experience with bug bounty h…

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location

A list of interesting payloads, tips and tricks for bug bounty hunters.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Attack and defend active directory using modern post exploitation adversary tradecraft activity

🙃 A delightful community-driven (with 1700+ contributors) framework for managing your zsh configuration. Includes 200+ optional plugins (rails, git, OSX, hub, capistrano, brew, ant, php, python, et…

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

Updates to this repository will continue to arrive until the number of links reaches 10000 links & 10000 pdf files .Learn Ethical Hacking and penetration testing .hundreds of ethical hacking & pene…

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

A collection of awesome penetration testing resources, tools and other shiny things

This cheatsheet is aimed at the CTF Players and Beginners to help them understand Web Application Vulnerablity with examples.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Compiled Binaries for Ghostpack (.NET v4.0)

🐶 A curated list of Web Security materials and resources.

✍️ A curated list of CVE PoCs.

Custom pentesting tools

Open source education content for the researcher community

TotalRecon installs all the recon tools you need

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…

Notes for Beginner Network Pentesting Course

OSCP cheatsheet

Privilege Escalation Project - Windows / Linux / Mac