nomore403. 🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Effective.
1.8kawesome-ctf-resources. A list of Capture The Flag (CTF) frameworks, libraries, resources and software for started/experienced CTF players 🚩
777XORpass. Encoder to bypass WAF filters using XOR operations.
254debugHunter. Discover hidden debugging parameters and uncover web application secrets
250CTF_OnlineTools. Repository to index useful online tools for CTF
181put2win. Script to automate PUT HTTP method exploitation to get shell
126pwny.cc. Repository of useful payloads and tips for pentesting/bug bounty.
33unaalmes-writeups. Repository to save all write-ups from UAM challenges
28SubProbe. ⚡ JavaScript-aware crawler for security researchers and bug bounty hunters. Extract hidden endpoints and internal subdomains through static and semantic analysis of JS files. Lightweight. Fast. Sneaky.
8pentesting-wiki. I am tired of cherrytree and I think that having useful information online to consult comfortably can be a good option. Feel free to send corrections / extra tips.
4jwtforge. Attacker-minded, 100% client-side JWT toolkit — decode, audit & forge tokens. Generates alg:none, key-confusion, kid-injection & brute-force attacks with ready-to-run curl/Burp/nuclei exports. The security alternative to jwt.io.
3devploit.
2old_devploit.github.io. devploit's linktree
2ctf-writeups. Repository to store public writeups from some CTFs.
1blog. SCSS
1pwnygames_2021. TODO
1