#python #bugbounty #cybersecurity #hacking #nuclei #penetration_testing #pentesting #reconnaissance #security #security_tools #vulnerability_scanners #web #webapplication #webappsecurity
https://github.com/gotr00t0day/Gsec
https://github.com/gotr00t0day/Gsec
GitHub
GitHub - gotr00t0day/Gsec: Web Security Scanner
Web Security Scanner. Contribute to gotr00t0day/Gsec development by creating an account on GitHub.
#other #awesome #awesome_list #bug_bounty #cybersecurity #forensics #hacking #incident_response #infosec #osint #penetration_testing #pentesting #reconnaissance #security #security_automation #security_tools
https://github.com/danieldurnea/FBI-tools
https://github.com/danieldurnea/FBI-tools
GitHub
GitHub - danieldurnea/FBI-tools: 🕵️ OSINT Tools for gathering information and actions forensics 🕵️
🕵️ OSINT Tools for gathering information and actions forensics 🕵️ - GitHub - danieldurnea/FBI-tools: 🕵️ OSINT Tools for gathering information and actions forensics 🕵️
❤1
#other #android #awesome #bug_bounty #fuzzing #hacking #penetration_testing #pentesting_windows #reverse_engineering #security
This collection of resources is designed for hackers, pentesters, and security researchers. It includes a wide range of lists and repositories covering various aspects of security such as Android security, application security, bug bounty programs, exploit development, and more. These resources provide tools, tutorials, and references to help you improve your skills in cybersecurity. By using these resources, you can gain access to valuable information and tools that will enhance your knowledge and capabilities in the field of cybersecurity, making you better equipped to handle security assessments, incident responses, and other related tasks.
https://github.com/Hack-with-Github/Awesome-Hacking
This collection of resources is designed for hackers, pentesters, and security researchers. It includes a wide range of lists and repositories covering various aspects of security such as Android security, application security, bug bounty programs, exploit development, and more. These resources provide tools, tutorials, and references to help you improve your skills in cybersecurity. By using these resources, you can gain access to valuable information and tools that will enhance your knowledge and capabilities in the field of cybersecurity, making you better equipped to handle security assessments, incident responses, and other related tasks.
https://github.com/Hack-with-Github/Awesome-Hacking
GitHub
GitHub - Hack-with-Github/Awesome-Hacking: A collection of various awesome lists for hackers, pentesters and security researchers
A collection of various awesome lists for hackers, pentesters and security researchers - Hack-with-Github/Awesome-Hacking
#go #afrog #bug_bounty #penetration_testing #pentest #poc #red_teaming #vulnerability_scanner #vulnerability_scanning_tools
Afrog is a powerful tool for security professionals, especially those involved in bug bounty, penetration testing, and red teaming. It is a high-performance vulnerability scanner that is fast, stable, and has low false positives. Afrog supports user-defined Proof of Concepts (PoCs) and comes with various built-in types like CVE, CNVD, default passwords, and more. It generates detailed HTML vulnerability reports and allows customizable and updatable PoCs.
Using afrog, you can quickly scan websites for vulnerabilities, create HTML reports, and even store results in a database for easy access via a web interface. The tool is open-source, has an active community, and can be installed using Go or by downloading binaries from GitHub.
Overall, afrog enhances your security defense capabilities by providing a robust and efficient way to identify and remediate vulnerabilities.
https://github.com/zan8in/afrog
Afrog is a powerful tool for security professionals, especially those involved in bug bounty, penetration testing, and red teaming. It is a high-performance vulnerability scanner that is fast, stable, and has low false positives. Afrog supports user-defined Proof of Concepts (PoCs) and comes with various built-in types like CVE, CNVD, default passwords, and more. It generates detailed HTML vulnerability reports and allows customizable and updatable PoCs.
Using afrog, you can quickly scan websites for vulnerabilities, create HTML reports, and even store results in a database for easy access via a web interface. The tool is open-source, has an active community, and can be installed using Go or by downloading binaries from GitHub.
Overall, afrog enhances your security defense capabilities by providing a robust and efficient way to identify and remediate vulnerabilities.
https://github.com/zan8in/afrog
GitHub
GitHub - zan8in/afrog: A Security Tool for Bug Bounty, Pentest and Red Teaming.
A Security Tool for Bug Bounty, Pentest and Red Teaming. - zan8in/afrog
#python #android #android_malware #dynamic_analysis #frida #frida_scripts #frida_snippets #malware #medusa #penetration_testing #pentest
MEDUSA is a powerful tool that helps you analyze and automate processes for Android and iOS apps. It has many modules that can monitor various app activities like intents, HTTP communications, database interactions, and more. You can use MEDUSA to bypass security measures like SSL pinning, monitor malware activities, and even translate app UIs. To use it, you need to install it on Linux or macOS, set up the necessary tools like FRIDA and adb, and then run the scripts to start monitoring. This tool makes it easier to understand and analyze how apps work, which is very useful for security testing and debugging.
https://github.com/Ch0pin/medusa
MEDUSA is a powerful tool that helps you analyze and automate processes for Android and iOS apps. It has many modules that can monitor various app activities like intents, HTTP communications, database interactions, and more. You can use MEDUSA to bypass security measures like SSL pinning, monitor malware activities, and even translate app UIs. To use it, you need to install it on Linux or macOS, set up the necessary tools like FRIDA and adb, and then run the scripts to start monitoring. This tool makes it easier to understand and analyze how apps work, which is very useful for security testing and debugging.
https://github.com/Ch0pin/medusa
GitHub
GitHub - Ch0pin/medusa: Mobile Edge-Dynamic Unified Security Analysis
Mobile Edge-Dynamic Unified Security Analysis. Contribute to Ch0pin/medusa development by creating an account on GitHub.
❤1
#dockerfile #application_security #appsec #best_practices #bugbounty #guide #hacking #hacktoberfest #owasp #penetration_testing #pentesting #security
The OWASP Web Security Testing Guide (WSTG) is a comprehensive resource for testing the security of web applications and services. Created by security professionals and volunteers, it provides a framework of best practices used globally. The guide is constantly updated, with the current version being 5.0, and previous stable releases like 4.2 available. Users can benefit by learning detailed methods for securing web applications, contributing to the guide through feedback or translations, and connecting with the community via Slack, Twitter, or Google Groups. This helps ensure your web applications are secure and up-to-date with the latest security standards.
https://github.com/OWASP/wstg
The OWASP Web Security Testing Guide (WSTG) is a comprehensive resource for testing the security of web applications and services. Created by security professionals and volunteers, it provides a framework of best practices used globally. The guide is constantly updated, with the current version being 5.0, and previous stable releases like 4.2 available. Users can benefit by learning detailed methods for securing web applications, contributing to the guide through feedback or translations, and connecting with the community via Slack, Twitter, or Google Groups. This helps ensure your web applications are secure and up-to-date with the latest security standards.
https://github.com/OWASP/wstg
GitHub
GitHub - OWASP/wstg: The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications…
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services. - OWASP/wstg
#python #bounty #bugbounty #bypass #cheatsheet #enumeration #hacking #hacktoberfest #methodology #payload #payloads #penetration_testing #pentest #privilege_escalation #redteam #security #vulnerability #web_application
Payloads All The Things is a comprehensive collection of useful payloads and bypass techniques for web application security testing and penetration testing. It offers detailed documentation for each vulnerability, including how to exploit it and ready-to-use payloads, plus files for tools like Burp Intruder. You can contribute your own payloads or improvements, making it a collaborative resource. It also links to related projects for internal network and hardware pentesting, and provides learning resources like books and videos. Using this resource helps you efficiently find and test security weaknesses in web applications, improving your pentesting effectiveness and knowledge.
https://github.com/swisskyrepo/PayloadsAllTheThings
Payloads All The Things is a comprehensive collection of useful payloads and bypass techniques for web application security testing and penetration testing. It offers detailed documentation for each vulnerability, including how to exploit it and ready-to-use payloads, plus files for tools like Burp Intruder. You can contribute your own payloads or improvements, making it a collaborative resource. It also links to related projects for internal network and hardware pentesting, and provides learning resources like books and videos. Using this resource helps you efficiently find and test security weaknesses in web applications, improving your pentesting effectiveness and knowledge.
https://github.com/swisskyrepo/PayloadsAllTheThings
GitHub
GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A list of useful payloads and bypass for Web Application Security and Pentest/CTF - swisskyrepo/PayloadsAllTheThings
👍1
#python #agents #artificial_intelligence #cybersecurity #generative_ai #llm #penetration_testing
Strix is a free, open-source tool that uses AI agents to automatically find and fix security problems in your apps by acting like real hackers—running your code, hunting for vulnerabilities, and proving they’re real by actually exploiting them, not just guessing[1][2]. It works fast, gives clear reports, and can even suggest fixes or create pull requests to help you secure your code quickly. You can run it on your own computer, in your development pipeline, or use a cloud version for easier setup. The main benefit is that you get thorough, real-world security testing without the slow pace and high cost of manual checks, helping you catch and fix issues before they become serious problems.
https://github.com/usestrix/strix
Strix is a free, open-source tool that uses AI agents to automatically find and fix security problems in your apps by acting like real hackers—running your code, hunting for vulnerabilities, and proving they’re real by actually exploiting them, not just guessing[1][2]. It works fast, gives clear reports, and can even suggest fixes or create pull requests to help you secure your code quickly. You can run it on your own computer, in your development pipeline, or use a cloud version for easier setup. The main benefit is that you get thorough, real-world security testing without the slow pace and high cost of manual checks, helping you catch and fix issues before they become serious problems.
https://github.com/usestrix/strix
GitHub
GitHub - usestrix/strix: Open-source AI agents for penetration testing
Open-source AI agents for penetration testing. Contribute to usestrix/strix development by creating an account on GitHub.
#python #large_language_models #llm #penetration_testing #python
PentestGPT is a free, open-source AI tool that automates penetration testing like solving CTF challenges in web, crypto, and more. Install easily with Docker, add your API key (Anthropic, OpenAI, or local LLMs), then run
https://github.com/GreyDGL/PentestGPT
PentestGPT is a free, open-source AI tool that automates penetration testing like solving CTF challenges in web, crypto, and more. Install easily with Docker, add your API key (Anthropic, OpenAI, or local LLMs), then run
pentestgpt --target [IP] for interactive guidance on scans, exploits, and reports. New v1.0 adds autonomous agents and session saving. It boosts your speed and accuracy in ethical hacking, helping beginners learn steps fast and pros tackle complex targets efficiently. https://github.com/GreyDGL/PentestGPT
GitHub
GitHub - GreyDGL/PentestGPT: A GPT-empowered penetration testing tool
A GPT-empowered penetration testing tool. Contribute to GreyDGL/PentestGPT development by creating an account on GitHub.