nullfuzz

Shodan Dorks

Open-Source Phishing Toolkit

Community curated list of templates for the nuclei engine to find security vulnerabilities.

OSCP Cheat Sheet

Log4shell payloads

Collection of Cyber Threat Intelligence sources from the deep and dark web

Repositorio de templates custom de Nuclei

A 100% autonomous AI agent that attacks, defends, admins and acts on SSH connections

A simple python script to convert Nmap output to CSV

No description provided.

Find leaked secrets via github search

The FetLife App on Android

List of reporting templates I have used since I started doing BBH.

Regex list pentesting

Rustcat(rcat) - The modern Port listener and Reverse shell

No description provided.

Community-sourced cheatsheets

Wordlist pentesting

A list of dorks for the Netlas.io search engine, with which you can find millions of objects in the boundless IoE. Contains queries to search for IoT elements, protocols, communication tools, remote access, and more. Over time, the list will grow.

Linux privilege escalation auditing tool

Awesome list telegram groups

A Java GUI Tool for Analyzing Jar (一个用户分析Jar包的GUI工具，可以方便地查看方法调用关系并反编译，支持Spring框架的分析)

Reflected XSS Payload List for Vue.js (2 & 3)

Javascript-based keylogger

My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

弱口令检测、 漏洞扫描、端口扫描（协议识别，组件识别）、web目录扫描、等保模拟定级、自动化运维、等保工具（网络安全等级保护现场测评工具）内置3级等保核查命令、基线核查工具

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

No description provided.

🚀 Open-Source Serverless Framework for full-stack apps on Firebase and Google Cloud.