Because real attackers don't need to be sophisticated. They just need to be trusted.
AllVideoPocsFromHackerOne. This script grab public report from hacker one and make some folders with poc videos
924ReconNotes. Just some public notes that can be useful and i want let the world knows.
92BashitRecon. A collection of famous recon public scripts, but in bash <3
30zeroapk. Shell
18the-book-of-secret-knowledge. A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
13AEMusefulKnowledges.
10zfavalive. Python
8subs_all. Subdomain Enumeration Wordlist. 8956437 unique words. Updated.
7google_free_proxy. A simple script to GET pages through 6 Google Servers without any authentication
6VirtualAndroidToBugHunt. Just steps that you have to follow in order to be able to do bughunt in app enviroment
6keyhacks. Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
6CVE-2022-34305.
5spiderKing. Shell
5eternalnoobchallenges. This repository contains some challenges made to the understanding of how exploit some scenarios where there are security vulnerabilities and help to think about how to mitigate them =)
5Android-Reports-and-Resources. A big list of Android Hackerone disclosed reports and other resources.
4mssql_danger_functionalities_and_misconfigurations.
4reclame_aqui_scrapper. .
3navgix. navgix is a multi-threaded golang tool that will check for nginx alias traversal vulnerabilities
3im_blockchain_begginer.
3titaniumDigger. Python
3censys-subdomain-finder-non-api. Using censys to find subdomains but without the APIs just scrapping
2CEH. Notes for CEH v10 exam (source code)
2rusolver. Fast DNS resolver written in Rust.
2BurpSuite_403Bypasser. Burpsuite Extension to bypass 403 restricted directory
2scripts-2. collection of testing scripts
2asn. ASN/IPv4/IPv6/Prefix/AS Path lookup tool
2DNS-exfiltration-using-blind-xss-. These payloads will help u in your blind xss dumping cookies through dns exfiltration using subdomain dns queries
2test_github_action.
2Fake-Reverse-Shell. A Python script to hack the hacker by trolling him while expecting a reverse shell
2zerostore. A FireStore automation for pentesters
1ztelegramDownloader. Python
1jxscout. jxscout superpowers JavaScript analysis for security researchers
1jdam.
1VhostFinder. Identify virtual hosts by similarity comparison
1FlaskRedis. enhancing my skill assets with python
1InjuredAndroid. A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
1EVABS. An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
1awesome-api-security. A collection of awesome API Security tools and resources.
1certex. monitors certificate transparency logs
1AWS-IAM-Privilege-Escalation. A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
1Drupal4Dummies. Python
1qsinject. qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.
1cve-2025-29927. JavaScript
131-days-of-API-Security-Tips. This challenge is Inon Shkedy's 31 days API Security Tips.
1Awesome-WAF. 🔥 Everything you'll need to know about web-application firewalls (WAF).
1Oblivion. Data leak checker & OSINT Tool
1Bug-Bounty-Wordlists. HTML
1HINTS. Python
1CVE-2021-09-03. Just testing if some bot will do some action here LOL
1Galaxy-Bugbounty-Checklist. Tips and Tutorials for Bug Bounty and also Penetration Tests.
1zeroc00i.github.io. SCSS
1Interlace. Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
1xssXD. Go
1BurpBounty. Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
1Bug-Bounty-Toolz. BBT - Bug Bounty Tools
1Shodanfy.py. Get ports,vulnerabilities,informations,banners,..etc for any IP with Shodan (no apikey! no rate-limit!)
1CT_subdomains. An hourly updated list of subdomains gathered from certificate transparency logs
1unfurl. Pull out bits of URLs provided on stdin
1XSpear. Powerfull XSS Scanning and Parameter analysis tool&gem
1awesome-oneliner-bugbounty. A collection of awesome one-liner scripts especially for bug bounty tips.
1