A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
Updated
Sep 16, 2024 - Python
A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Web path scanner
A list of resources for those interested in getting started in bug bounties
Collection of methodology and test case for various web vulnerabilities.
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
OneForAll是一款功能强大的子域收集工具
Fast passive subdomain enumeration tool.
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
🎯 SQL Injection Payload List
All about bug bounty (bypasses, payloads, and etc)
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
A Workflow Engine for Offensive Security
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Automated All-in-One OS Command Injection Exploitation Tool.
A collection of custom security tools for quick needs.