async-python

Shows how to use async requests vs requests

awesome-bugbounty-tools

A curated list of various bug bounty tools

awesome-threat-detection

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

aws_scanner

Python application to port scan EC2 instances in your AWS inventory

axiom

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

badblood

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active D

bof-fuzz

bulldir

BullDIR is a fast hidden directory/file scanner which scans for active and hidden directories in a target. The tool takes your given wordlist and exposes the valid directories or files.

chat-with-pdf-chatbot

This Chatbot is an interactive app developed to assist users to interact with their PDF. It is built using Open Source Stack. No OpenAI is required.

crlfuzz

A fast tool to scan CRLF vulnerability written in Go

faster-than-requests

Faster requests on Python 3

flask-sse

forkify-js

😋 A beautiful recipe search engine made with modern JavaScript features 😋. Powered by food2fork API 🍴

h33tlit

Config files for my GitHub profile.

howtohunt

Tutorials and Things to Do while Hunting Vulnerability.

jbin-website-secret-scraper

Jbin will gather all the URLs from the website and then it will try to expose the secret data from them such as API keys, API secrets, API tokens and many other juicy information.

malicious-pdf

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

notes

nuclei-and-subfinder-api

Web API for nuclei and subfinder will help you automate your entire security testing workflow since you can host it anywhere and make it accessible.

nuclei-burpextension

Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.

osep-1

parameter-reflect-finder

Parameter-Reflect-Finder is a python based tool that helps you find reflected parameters which can have potential XSS or Open redirection vulnerabilities.

pentesting-interview-questions

Penetration Testing and Offensive Security Interview Questions

poc-in-github

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

pwndoc

Pentest Report Generator

redteam-tools

Tools and Techniques for Red Team / Penetration Testing

resources-for-beginner-bug-bounty-hunters

A list of resources for those interested in getting started in bug bounties

secret-regex-list

List of regex for scraping secret API keys and juicy information.

sniffcon-ultimate-recon-dashboard-for-bug-bounty-and-pentesting

Sniffcon has a wide list of powerful online bug bounty tools which can be used to find security vulnerabilities.

ssh-action

GitHub Actions for executing remote ssh commands.