There are no reviews yet. Be the first to send feedback to the community and the maintainers!
ICS-Pentesting-Tools
A curated list of tools related to Industrial Control System (ICS) security and Penetration Testingsmartrecon
smartrecon is a powerful shell script to automate the recon and finding common vulnerabilities for bug huntercloud-penetration-testing
A curated list of cloud pentesting resource, contains AWS, Azure, Google CloudRansomware-Samples
Small collection of Ransomware organized by family.bug-bounty-writeups
A curated list of available Bug Bounty & Disclosure Programs and Write-ups.exchange-penetration-testing
The great Microsoft exchange hack: A penetration testerโs guide (exchange penetration testing)Apache-Tomcat-Pentesting
Apache Tomcat exploit and Pentesting guide for penetration testerPenetration-Testing-Interview-Questions
Penetration Testing Interview Questionswifi-password-stealer
steal saved wifi passwords in a computer & ip of target then report them through email.Ransomware
Ransomware Simulator for Blue team ,Ransomware Simulator for Red team ,Ransomware infographic, open source Anti Ransomware, Ransomware As A Service and Ransomware protection technologiessecurity-mindmap
This repository stores various roadmap(Mindmaps) for bug bounty Hunter, pentester, offensive(red team), defensive(blue team) and security Professional peopleMalware-Analysis
A curated list of awesome malware analysis tools and resourcesSpring-CVE
This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell".ProxyShell
CVE-2021-34473 Microsoft Exchange Server Remote Code Execution VulnerabilityCVE-2022-23131
Zabbix - SAML SSO Authentication Bypassxmlrpc-exploit
Exploiting the xmlrpc.php on all WordPress versionsFFUF-Tricks
Describe how to use ffuf different options with examplesDDoS-Attack
DDoS Attack and type of ddos attack and ddos mitigation approachShodan-Dorks
a curated list of shodan dorks for finding sensitive data in shodan.ioElasticSearch-Pentesting
ElasticSearch exploit and Pentesting guide for penetration testerActive-Directory-Attacks
A curated list of awesome Active Directory Penetration Testing and attack resourcesDevSecOps
Collection and Roadmap for everyone who wants DevSecOps, contains list of tools and methodologiesSmishing-Botnets
Smishing Botnets Going Viral in IranCyber-Threat-Hunting
A curated list of threat detection and hunting resourcesCloud-Flaws-CTF
flAWS.cloud and flAWS2.cloud Interactive tutorial/CTFs to learn common AWS security mistakes.Bug-Hunting-Handbook
Bug Hunting HandbookNextcloud-Pentesting
Nextcloud exploit and Pentesting guide for penetration testerFresh-Resolvers
List of fresh DNS resolvers updated dailybruteforce-http-authentication
Bruteforce HTTP Authentication. Supports: Basic HTTP authentication ,Digest HTTP authenticationProxyLogon
ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell)RabbitMQ-Pentesting
RabbitMQ exploit and Pentesting guide for penetration testerCVE-2022-26134
[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)PHP-Interview-Questions
a curated list of php interview questions and answerscyber-attacks-in-iran
A curated list of awesome cyber attacks in iran, we want to review and explain some advanced attack that happened in iran, in order to learned some security tips.Webmin-CVE
a Curated list of Webmin vulnerability for penetration testeropen-DNS-resolver
DNS Open resolvers or Open DNS resolver vulnerability are type of DNS amplification attack.Python-Interview-Questions
a curated list of Python interview questions and answersCVE-2023-38646
Metabase Pre-auth RCE (CVE-2023-38646)GitLab-SSRF-CVE-2021-22214
POC for CVE-2021-22214: Gitlab SSRFGitlab-CVE
a Curated list of gitlab vulnerabilityFortiWeb
FortiWeb is a web application firewall (WAF)kh4sh3i
Favicon-Hash
Calculate Favicon Hash for ShodanCKEditor-Pentesting
Grafana-CVE
a Curated list of Grafana Security Vulnerabilities, CVE & exploitSplunk
a useful tutorial about splunk and security splunk app97-Tests-for-Authentication-API
97 JSON Tests for Authentication EndpointsRedis-Pentesting
Redis exploit and Pentesting guide for penetration testerCVE-2021-30573
Google Chrome Vulnerabilities CVE-2021-30573 allowed a remote attacker to potentially exploit heap corruptionLove Open Source and this site? Check out how you can help us