This is your work, valued
Afuzz. Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.
★ 311rapiddns-cli. A powerful command-line interface for interacting with the [RapidDNS API](https://rapiddns.io/help/api). This tool allows you to perform DNS searches, advanced queries, and large-scale data exports directly from your terminal.
★ 35libarchive. Multi-format archive and compression library
★ 3.6kCLIProxyAPI. Wrap Antigravity, ChatGPT Codex, Claude Code, Grok Build as an OpenAI/Gemini/Claude/Codex compatible API service, allowing you to enjoy the free Gemini 3.1 Pro, GPT 5.5, Grok 4.3, Claude model through API
★ 40ksecurity-audits. Reports from automated security audits made by Swival.
★ 77trailmark. Build and query a graph database representation of source code
★ 437ArgusBot. ArgusBot: A 24/7 supervisor Agent for Codex CLI and Claude Code CLI that keeps agents running, reviewing, and planning until the job is actually done.
★ 305autoresearch. AI agents running research on single-GPU nanochat training automatically
★ 91khumanizer. Claude Code skill that removes signs of AI-generated writing from text
★ 29kwaoowaoo. 首家工业级全流程 AI 影视生产平台。Industry-first professional AI Agent platform for controllable film & video production. From shorts to live-action with Hollywood-standard workflows.
★ 13kgarak. the LLM vulnerability scanner
★ 8.4kBroken-Vulnerable-Code-Snippets. A small collection of vulnerable code snippets
★ 802interactsh. An OOB interaction gathering server and client library
★ 4.4kant-design. An enterprise-class UI design language and React UI library
★ 99kautochrome. This tool downloads, installs, and configures a shiny new copy of Chromium.
★ 478writeups.
★ 1.2kchisel. A fast TCP/UDP tunnel over HTTP
★ 16kExploit-Dictionary.
★ 295ksubdomain. 无状态子域名爆破工具
★ 2.4kdomainNamePredictor. 一个简单的现代化公司域名使用规律预测及生成工具
★ 389yaml-payload. A tiny project for generating SnakeYAML deserialization payloads
★ 639awesome-oneliner-bugbounty. A collection of awesome one-liner scripts especially for bug bounty tips.
★ 3.2khttp2fuzz. HTTP/2 fuzzer written in Golang
★ 182Android_Security. This repository is a suplimentary material for Android Training's done by Anant Shrivastava from 2012-2017
★ 224Some-PoC-oR-ExP. 各种漏洞poc、Exp的收集或编写
★ 2.5kphpggc. PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
★ 3.8kDeReviewer. C#
★ 18Damn_Vulnerable_C_Program. An example C program which contains vulnerable code for common types of vulnerabilities. It can be used to show fuzzing concepts.
★ 723emux. EMUX Firmware Emulation Framework (formerly ARMX)
★ 864exploit_me. Very vulnerable ARM/AARCH64 application (CTF style exploitation tutorial with 29 vulnerability techniques)
★ 1.1kPacker-Fuzzer. Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
★ 3.3kReverse-Engineering. A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.
★ 14kresearch. research
★ 151semgrep-rules. Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
★ 1.2kbucky. Bucky (An automatic S3 bucket discovery tool)
★ 198BountyIt. A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it using signatures
★ 62youtube-dl-gui. A cross platform front-end GUI of the popular youtube-dl written in wxPython.
★ 9.4kawesome-ruby-security. Awesome Ruby Security resources
★ 475FinalRecon. All In One Web Recon
★ 2.8kRaccoon. A high performance offensive security tool for reconnaissance and vulnerability scanning
★ 3.8kExtractor. Extension adds a new tab in Burp Suite called Extractor
★ 42dtd-finder. List DTDs and generate XXE payloads using those local DTDs.
★ 662PPScan. Client Side Prototype Pollution Scanner
★ 529CVE-2020-16947. PoC of CVE-2020-16947 (Microsoft Outlook RCE vulnerablility)
★ 122AllThingsSSRF. This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
★ 1.4kfrida-scripts. A collection of my Frida instrumentation scripts to reverse engineer mobile apps and more.
★ 1.6kawesome-frida. Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
★ 3.5kCMSeeK. CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
★ 2.6k0x94TR. 0x94TR Burp Extension - Java version
★ 32Information-Security. Information security
★ 212HowToHunt. Collection of methodology and test case for various web vulnerabilities.
★ 7.2kGoPurple. Yet another shellcode runner consists of different techniques for evaluating detection capabilities of endpoint security solutions
★ 496mimikatz. A little tool to play with Windows security
★ 22knccfsas. Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.
★ 608CVE-2020-1472. Test tool for CVE-2020-1472
★ 1.8kCVE-Reverse. Python
★ 284attackRmi. attackRmi
★ 259resolvers. List of periodically validated public DNS resolvers
★ 236Java-Deserialization-Cheat-Sheet. The cheat sheet about Java Deserialization vulnerabilities
★ 3.2kCloudBrute. Awesome cloud enumerator
★ 1.1kscanginx. Scanner For Nginx - Remote Integer Overflow Vulnerability
★ 37Fuzz_dic. 参数 | 字典 collections
★ 690BurpSmartBuster. A Burp Suite content discovery plugin that add the smart into the Buster!
★ 379Awesome-Red-Teaming. List of Awesome Red Teaming Resources
★ 8kgitbrute. brute-force a git commit hash
★ 398Bug-Bounty-Roadmaps. Bug Bounty Roadmaps
★ 1.7kBug-Bounty-Roadmaps. Bug Bounty Roadmaps
★ 2learn-browser-testing. Repository for my upcoming course & workshop
★ 116RedCommander. Red Team C2 Infrastructure built in AWS using Ansible!
★ 233h4rpy. Automated WPA/WPA2 PSK attack tool.
★ 650dalfox. 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
★ 5.1kVulnerableDotNetHTTPRemoting. Example Vulnerable .NET HTTP Remoting
★ 88cotopaxi. Set of tools for security testing of Internet of Things devices using specific network IoT protocols
★ 362BurpSuite-Xkeys. A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
★ 313semgrep. Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
★ 16kredis-ssrf. redis ssrf gopher generater & redis ssrf to rce by master-slave-sync
★ 87KingOfBugBountyTips. Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
★ 5.4kntlm_theft. A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)
★ 1.4kjwt-pwn. Security Testing Scripts for JWT
★ 333nuclei-templates. Community curated list of templates for the nuclei engine to find security vulnerabilities.
★ 13kfaceswap. Deepfakes Software For All
★ 55kscant3r. ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )
★ 685EyeWitness. EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
★ 5.8krad.
★ 1.5kPenetration_Testing_POC. 渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
★ 7.4kbbrecon. Python library and CLI for the Bug Bounty Recon API
★ 228remote-method-guesser. Java RMI Vulnerability Scanner
★ 922API-Security-Checklist. Checklist of the most important security countermeasures when designing, testing, and releasing your API
★ 23kSpring-Boot-Vulnerability.
★ 422Ciphey. ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
★ 22kLeakIXClient. Golang client & library
★ 105Privilege-Escalation. This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
★ 3.6kSubdomain. Hacks For Subdomain Enumeration
★ 34Awesome-Fuzzing. A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
★ 5.9kbounty-targets-data. This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
★ 3.8kcarbon. :black_heart: Create and share beautiful images of your source code
★ 36kSpringBootVulExploit. SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
★ 6.1kWinPwn. Automation for internal Windows Penetrationtest / AD-Security
★ 3.7kchangeme. A default credential scanner.
★ 1.5kjok3r. Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
★ 1.1krengine. reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
★ 8.7kVulnerability-Research. C
★ 80CVE-2020-14645. Weblogic CVE-2020-14645 UniversalExtractor JNDI injection getDatabaseMetaData()
★ 80WebHackersWeapons. ⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
★ 4.9koffensive-docker. Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
★ 768ProxyGoogleTranslate. Using Google translate as WebProxy
★ 13webkiller. Tool Information Gathering Write By Python.
★ 747singularity. A DNS rebinding attack framework.
★ 1.3kAwesome-Asset-Discovery. List of Awesome Asset Discovery Resources
★ 2.7kdatasploit. An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
★ 3.3kcowpy. Cowsay, in Python, makes pies by default, one file, easily embedded into your app.
★ 77python-asciistuff. :art: Library for producing ASCII arts
★ 12bluing. An intelligence gathering tool for hacking Bluetooth
★ 1kdronesploit. Drone pentesting framework console
★ 2kPEASS-ng. PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
★ 20kApiWordlistGenerator. Generate wordlists for fuzzing API method names
★ 55Github-Monitor. Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)
★ 1.8kysomap. A helpful Java Deserialization exploit framework.
★ 1.2kbrutespray. Fast, multi-protocol credential brute-forcer. Parses Nmap, Nessus, and Nexpose output to automatically test default and custom credentials across 30+ protocols.
★ 2.5kpuff. Clientside vulnerability / reflected xss fuzzer
★ 149PENTESTING-BIBLE. articles
★ 14kafter-deserialization-attack. Java After-Deserialization Attack
★ 78gitGraber. gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
★ 2.3kcloud-ranges. A list of cloud ranges from different providers.
★ 461smuggler. Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
★ 2.1kJava-Rce-Echo. Java RCE 回显测试代码
★ 1kBBTz. BBT - Bug Bounty Tools (examples💡)
★ 1.9kpsalm. A PHP static analysis tool for finding errors and security vulnerabilities in PHP applications
★ 5.9kActive-Directory-Exploitation-Cheat-Sheet. A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
★ 2.7kSRC-experience. 工欲善其事,必先利其器
★ 1.6kCVE2020-0796. CVE2020-0796 SMBv3 RCE
★ 61lorsrf. Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load :artificial_satellite: :crab:
★ 297spoolsystem. Print Spooler Named Pipe Impersonation for Cobalt Strike
★ 271cobalt-arsenal. My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
★ 1.1k1ndiList. Recon Custom WordList Ganerator
★ 59fastjson-bypass-autotype-1.2.68. fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
★ 229exploits. Some of my public exploits
★ 54Bridge. 无回显漏洞测试辅助平台,平台使用Java编写,提供DNSLOG,HTTPLOG等功能,辅助渗透测试过程中无回显漏洞及SSRF等漏洞的验证和利用。
★ 404CANalyzat0r. Security analysis toolkit for proprietary car protocols
★ 795awesome-vehicle-security. 🚗 A curated list of resources for learning about vehicle security and car hacking.
★ 4.4kSMBGhost_RCE_PoC. Python
★ 1.4kbinbloom. Raw binary firmware analysis software
★ 583elasticArchive. An extension to mitmproxy to dump all proxied web traffic to elasticsearch where you can keep it forever (or until you run out of disk space)
★ 26SecretFinder. SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
★ 2.5kawesome-rat. RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
★ 2.2kaxiom. The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
★ 4.4kshhgit. Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.
★ 4kGitMonitor. One way to continuously monitor sensitive information that could be exposed on Github
★ 172CVE-2020-9484. Dockerfile
★ 126RedTeaming-Tactics-and-Techniques. Red Teaming Tactics and Techniques
★ 4.6kCVE-2019-0708-EXP-Windows. CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell
★ 318Vulnerable-OAuth-2.0-Applications. vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
★ 331WindowsExploitationResources. Resources for Windows exploit development
★ 1.7kQRLJacking. QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers.
★ 1.6kdirsearch. Web path scanner
★ 14kpyaxmlparser. Python3 Parser for Android XML file and get Application Name without using Androguard
★ 150probethis. find active domains from list of subdomains
★ 27oauth2_proxy. A reverse proxy that provides authentication with Google, Github or other provider
★ 5.1kgaussrf. Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SSRF Parameters.
★ 175Snapper. A security tool for grabbing screenshots of many web hosts
★ 329DotNetDeserializationScanner. Scans for .NET Deserialization Bugs in .NET Assemblies
★ 81Arjun. HTTP parameter discovery suite.
★ 6.4kinternalblue. Bluetooth experimentation framework for Broadcom and Cypress chips.
★ 781gmapsapiscanner. Python
★ 1.2klearnjavabug. Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
★ 2.7kpwndb. Search for leaked credentials
★ 1.4kXSStrike. Most advanced XSS scanner.
★ 15kRed-Teaming-Toolkit. This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
★ 10kfindom-xss. A fast DOM based XSS vulnerability scanner with simplicity.
★ 863dvna. Damn Vulnerable NodeJS Application
★ 779attacking-cloudgoat2. A step-by-step walkthrough of CloudGoat 2.0 scenarios.
★ 136dnsFookup. DNS rebinding toolkit
★ 255971-MB-content_discovery_wordlist. Collection of content discovery wordlists in one wordlist.
★ 37Gf-Patterns. GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
★ 1.4kInveighZero. .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
★ 817SSRFTest. SSRF testing tool
★ 247httprebind. Automatic tool for DNS rebinding-based SSRF attacks
★ 306awesome-burp-suite. Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
★ 1kAtlas. Quick SQLMap Tamper Suggester
★ 1.4kshotlooter. a recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc
★ 646massdns. A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
★ 3.6knjsscan. njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
★ 434VHostScan. A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
★ 1.3kjwt_tool. :snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
★ 6.7kH1-Report-Finder. A burpsuite extension that helps security researchers find public security reports published on h1 based on the selected host
★ 42SweetPotato. Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
★ 1.8kcve-2020-11651. Python
★ 106writeups. Write-ups from A*0*E.
★ 196fastjson-blacklist. Java
★ 838MFFA. Media Fuzzing Framework for Android
★ 334keyhacks. Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
★ 6.3kgitscraper. A tool which scrapes public github repositories for common naming conventions in variables, folders and files
★ 296chaos-client. Go client to communicate with Chaos DB API.
★ 871can-i-take-over-xyz. "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
★ 5.7kSubDomainTakeoverTools. Python
★ 37firmware-anatomy. Tear the firmware apart with your bare hands;-)
★ 194fuzzing. Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
★ 3.8kInvoke-PrintDemon. This is a PowerShell Empire launcher PoC using PrintDemon and Faxhell.
★ 198xvwa. XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
★ 1.8kHTTPFuzz. A fast generative fuzzer for HTTP
★ 17exploits. Python
★ 51CVE-2020-0674-Exploit. This is an exploit for CVE-2020-0674 that runs on the x64 version of IE 8, 9, 10, and 11 on Windows 7.
★ 223