Automated NoSQL database enumeration and web application exploitation tool.

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

The Offensive Manual Web Application Penetration Testing Framework.

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关，提供安全的接入，包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

🎯 XML External Entity (XXE) Injection Payload List

Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.

🎯 RFI/LFI Payload List

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

A cross-platform python based utility for information gathering and penetration testing automation!

h2t (HTTP Hardening Tool) scans a website and suggests security headers to apply

List of CyberSecurity Resources and some different Sub-Domains of CyberSecurity

Second-order subdomain takeover scanner

A Security Tool for Enumerating WebSockets

✂️ Removing CDN IPs from the list of IP addresses

PHP Security Check List [ EN ] 🌋 ☣️

Pentesting and Bug Bounty Notes, Cheetsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.

Awesome information for WebSockets security research

Master cybersecurity skills with this TryHackMe free path, includes a collection of my write-ups, solutions and progress tracking.