A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
Updated
Nov 18, 2024 - Python
A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Web path scanner
A list of resources for those interested in getting started in bug bounties
Fast passive subdomain enumeration tool.
Community curated list of templates for the nuclei engine to find security vulnerabilities.
OneForAll是一款功能强大的子域收集工具
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
A recursive internet scanner for hackers.
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Collection of methodology and test case for various web vulnerabilities.
All about bug bounty (bypasses, payloads, and etc)
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
A Workflow Engine for Offensive Security