There are no reviews yet. Be the first to send feedback to the community and the maintainers!
ICS-Pentesting-Tools
A curated list of tools related to Industrial Control System (ICS) security and Penetration Testingcloud-penetration-testing
A curated list of cloud pentesting resource, contains AWS, Azure, Google CloudRansomware-Samples
Small collection of Ransomware organized by family.bug-bounty-writeups
A curated list of available Bug Bounty & Disclosure Programs and Write-ups.exchange-penetration-testing
The great Microsoft exchange hack: A penetration testerβs guide (exchange penetration testing)Apache-Tomcat-Pentesting
Apache Tomcat exploit and Pentesting guide for penetration testerPenetration-Testing-Interview-Questions
Penetration Testing Interview Questionswifi-password-stealer
steal saved wifi passwords in a computer & ip of target then report them through email.Application-Security-Interview-Questions
Here are some common interview questions for an application security position you can review for your own interview, along with example answersRansomware
Ransomware Simulator for Blue team ,Ransomware Simulator for Red team ,Ransomware infographic, open source Anti Ransomware, Ransomware As A Service and Ransomware protection technologiesMalware-Analysis
A curated list of awesome malware analysis tools and resourcessecurity-mindmap
This repository stores various roadmap(Mindmaps) for bug bounty Hunter, pentester, offensive(red team), defensive(blue team) and security Professional peopleSpring-CVE
This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell".ProxyShell
CVE-2021-34473 Microsoft Exchange Server Remote Code Execution VulnerabilityCVE-2022-23131
Zabbix - SAML SSO Authentication Bypassxmlrpc-exploit
Exploiting the xmlrpc.php on all WordPress versionsFFUF-Tricks
Describe how to use ffuf different options with examplesDDoS-Attack
DDoS Attack and type of ddos attack and ddos mitigation approachElasticSearch-Pentesting
ElasticSearch exploit and Pentesting guide for penetration testerShodan-Dorks
a curated list of shodan dorks for finding sensitive data in shodan.ioActive-Directory-Attacks
A curated list of awesome Active Directory Penetration Testing and attack resourcesDevSecOps
Collection and Roadmap for everyone who wants DevSecOps, contains list of tools and methodologiesSmishing-Botnets
Smishing Botnets Going Viral in IranCyber-Threat-Hunting
A curated list of threat detection and hunting resourcesCloud-Flaws-CTF
flAWS.cloud and flAWS2.cloud Interactive tutorial/CTFs to learn common AWS security mistakes.Bug-Hunting-Handbook
Bug Hunting HandbookNextcloud-Pentesting
Nextcloud exploit and Pentesting guide for penetration testerFresh-Resolvers
List of fresh DNS resolvers updated dailybruteforce-http-authentication
Bruteforce HTTP Authentication. Supports: Basic HTTP authentication ,Digest HTTP authenticationProxyLogon
ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell)RabbitMQ-Pentesting
RabbitMQ exploit and Pentesting guide for penetration testerCVE-2022-26134
[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)PHP-Interview-Questions
a curated list of php interview questions and answerscyber-attacks-in-iran
A curated list of awesome cyber attacks in iran, we want to review and explain some advanced attack that happened in iran, in order to learned some security tips.Webmin-CVE
a Curated list of Webmin vulnerability for penetration testeropen-DNS-resolver
DNS Open resolvers or Open DNS resolver vulnerability are type of DNS amplification attack.Python-Interview-Questions
a curated list of Python interview questions and answersCVE-2023-38646
Metabase Pre-auth RCE (CVE-2023-38646)Gitlab-CVE
a Curated list of gitlab vulnerabilityGitLab-SSRF-CVE-2021-22214
POC for CVE-2021-22214: Gitlab SSRFFortiWeb
FortiWeb is a web application firewall (WAF)kh4sh3i
CKEditor-Pentesting
Grafana-CVE
a Curated list of Grafana Security Vulnerabilities, CVE & exploitFavicon-Hash
Calculate Favicon Hash for ShodanSplunk
a useful tutorial about splunk and security splunk app97-Tests-for-Authentication-API
97 JSON Tests for Authentication EndpointsRedis-Pentesting
Redis exploit and Pentesting guide for penetration testerCVE-2021-30573
Google Chrome Vulnerabilities CVE-2021-30573 allowed a remote attacker to potentially exploit heap corruptionLove Open Source and this site? Check out how you can help us