Here's a list of GitHub repos and tools that I believe are awesome and should be promoted and used.
Semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
RegexPassive - Collection of regexp patterns for passive security scanning
PayloadsAllTheThings - A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
OneListForAll - Rockyou for web fuzzing by six2dez
Prowler - Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
PurplePanda - Identify privilege escalation paths within and across different clouds
Tornado - Anonymously Reverse Shell over Tor Network using Hidden services without Portforwarding.
Hakoriginfinder - Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!
Nemesis - URL scanner for recon, vulnerabilities, secrets and more!
reconFTW - reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
rengine - reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface.
Misc - Bug Bounty Hunting | Penetration Testing
Inventory - Asset inventory on public bug bounty programs.
HowToHunt - Tutorials and Things to Do while Hunting Vulnerability.
Keyhacks - Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
TruffleHog - Find credentials all over the place on Github Repos
Web Application Pentest Checklist
Buggyapp - Android - Buggyapp is a vulnerable Android application. This app can be used by pentesters and security researchers to practice Android application pentesting. It is built for beginners to learn the basics of Android application pentesting.
All new resources and tools
All about bug bounty (bypasses, payloads, etc.)
Useful Match and Replace BurpSuite Rules
a free, open source, cross platform Intelligence gathering tool
Automated Recon for Pentesting & Bug Bounty
Rockyou for web fuzzing
Scope gathering tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more
Authenticated Scanning
hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.
crawls the website and finds broken social media links that can be hijacked
Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.
The most exhaustive list of reliable DNS resolvers.
Create and Run Intelligent Automation Scripts Without learning bash scripting
A simple script just made for self use for bypassing 403
reNgine is an automated reconnaissance framework
PoC auto collect from GitHub. ⚠️ Be careful Malware.
Advanced Github OSINT Framework
An AI-powered Personal Identifiable Information (PII) scanner.
awesome-malware-analysis
Awesome-Cloud-PenTest
Better Google Dorking with Dorker.
Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.
completely ridiculous API (crAPI)
A Burp Suite Extension for parsing Project Files from the CLI.
Unleash the power of cloud
A Burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts HTTP requests to JavaScript for further XSS exploitation and more.
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
OneForAll
awesome-bug-bounty
Zed Attack Proxy Scripts for finding CVEs and Secrets.
cryptography
A fast port scanner written in Go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
client-side-prototype-pollution
Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
Educational, CTF-styled labs for individuals interested in Memory Forensics
ethical-hacking
This is a repository made by the author to improve his skill in Python exploitation
web-app-exploitation
https://github.com/DK9510/web-app-exploitation
PeTeReport is an open-source application vulnerability reporting tool.
https://github.com/1modm/petereport
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
https://github.com/swisskyrepo/PayloadsAllTheThings
bugbountytips
https://github.com/topics/bugbountytips
OWASP ZAP
https://github.com/zaproxy
Codebase to generate an msdt-follina payload
https://github.com/JohnHammond/msdt-follina
A powerful and open-source toolkit for hackers and security automation
https://github.com/We5ter/Scanners-Box
Fast and customizable vulnerability scanner based on simple YAML based DSL.
https://github.com/projectdiscovery/nuclei
Top disclosed reports from HackerOne
https://github.com/reddelexc/hackerone-reports
Multi-Cloud Security Auditing Tool
https://github.com/nccgroup/ScoutSuite
Arsenal is just a quick inventory and launcher for hacking programs
https://github.com/Orange-Cyberdefense/arsenal
Advanced external automation on bug bounty programs by running the best set of tools to perform scanning and finding out vulnerabilities
https://github.com/samet-g/bugradar
URL scanner for recon, vulnerabilities, secrets and more!
https://github.com/machinexa2/Nemesis
Gather and update all available and newest CVEs with their PoC.
https://github.com/trickest/cve
urlwatch monitors webpages for you
https://github.com/thp/urlwatch
Burp Extension written in Jython to hunt for common vulnerabilities found in websites. Developed by Gaurav Narwani to help people find vulnerabilities and teach how to exploit them.
https://github.com/gauravnarwani97/Trishul
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
https://github.com/EnableSecurity/wafw00f
Automated & Manual Wordlists provided by Assetnote
https://github.com/assetnote/wordlists
Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
https://github.com/Dheerajmadhukar/karma_v2
Granular, Actionable Adversary Emulation for the Cloud
https://github.com/DataDog/stratus-red-team
A Python based GUI for volatility. Made by keeping CTFs in focus. Basic memory forensics in Clicks.
https://github.com/AdityaSec/Vol-GUI
CyLR - Live Response Collection Tool
https://github.com/orlikoski/CyLR
A Python module to find domains and subdomains of a given domain with an easy-to-use CLI.
https://github.com/TxSadhu/DomFu
Fetch many paths for many hosts - without killing the hosts
https://github.com/tomnomnom/meg
An interactive cheatsheet tool for the command-line
https://github.com/denisidoro/navi
Anonymously Reverse Shell over Tor Network using Hidden services without Portforwarding.
https://github.com/samet-g/tornado
Learning Google V8
https://github.com/danbev/learning-v8
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
https://github.com/stealthcopter/deepce
Identify privilege escalation paths within and across different clouds
https://github.com/carlospolop/PurplePanda
Reverse Engineer's Toolkit
https://github.com/mentebinaria/retoolkit
Attack Surface Management Platform | Sn1perSecurity LLC
https://github.com/1N3/Sn1per
POC to replicate the full 'Follina' Office RCE vulnerability for testing purposes
https://github.com/chvancooten/follina.py
A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.
https://github.com/cycurity/wister
a drop-in replacement for Nmap powered by shodan.io
https://github.com/s0md3v/Smap
Display and control your Android device
https://github.com/Genymobile/scrcpy
Advanced Search for Twitter.
https://github.com/igorbrigadir/twitter-advanced-search
The fastest dork scanner written in Go.
https://github.com/dwisiswant0/go-dork#using-proxy
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.
https://github.com/lutfumertceylan/top25-parameter
Gosint is a distributed asset information collection and vulnerability scanning platform
https://github.com/1in9e/gosint
CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
https://github.com/tokyoneon/CredPhish
CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
https://github.com/usdAG/cstc
I have collected all hackerone disclosed reports by brute forcing on
https://github.com/besioo/hackerone