A Security Tool for Bug Bounty, Pentest and Red Teaming.
Active Directory and Internal Pentest Cheatsheets
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.
All releases of the security research group (a.k.a. hackers) The Hacker's Choice
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection
🐱💻 👍 Google Chrome - File System Access API - vulnerabilities reported by Maciej Pulikowski | Total Bug Bounty Reward: $5.000 | CVE-2021-21123 and 5 more...
This repository contains writeups for various CTFs I've participated in (Including Hack The Box).
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Pentest focused NixOS config
Sploit -- All-in-one, AI-powered cybersecurity toolkit for web, network, and phishing tests. Modular, cross-platform, Docker-ready, with GUI & CLI. Open source by AUX-441 Team.
"Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
A passive online scanner from OWTF
Add a description, image, and links to the pentest topic page so that developers can more easily learn about it.
To associate your repository with the pentest topic, visit your repo's landing page and select "manage topics."