A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!

In-depth attack surface mapping and asset discovery

Google Chrome, Firefox, and Thunderbird extension that lets you write email in Markdown and render it before sending.

This is a resource factory for anyone looking forward to starting bug hunting and would require guidance as a beginner.

All cheetsheets with main information from HTB CBBH role path in one place.

A list of resources for those interested in getting started in bug bounties

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Useful resources for SOC Analyst and SOC Analyst candidates.

Red Team PowerShell Script

Bjorn is a powerful network scanning and offensive security tool for the Raspberry Pi with a 2.13-inch e-Paper HAT. It discovers network targets, identifies open ports, exposed services, and potent…

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

Collection of Cyber Threat Intelligence sources from the deep and dark web

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

Firefox Decrypt is a tool to extract passwords from Mozilla (Firefox™, Waterfox™, Thunderbird®, SeaMonkey®) profiles

Sweet theme for Sweet Hackers 💚

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

A simple and efficient file uploader for Pwnagotchi.

Convert ebooks to audiobooks with chapters and metadata using dynamic AI models and voice cloning. Supports 1,107+ languages!

Credentials recovery project

Oh-my-zsh theme for pentesters which includes the date, time, and IP address for pentest logging.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

The Black Hat Bash book repository

A curated list of various bug bounty tools

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

Attack Surface Management Platform