Piyush Jain's Projects
Rockyou for web fuzzing
Script that download 37+ open source nuclei templates
A Fuzzer for OpenRedirect issues
OSCP
A collection of several hundred online tools for OSINT
Official repository for Paradigm CTF 2021
Git All the Payloads! A collection of web attack payloads.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Penetration tests guide based on OWASP including test cases, resources and examples.
Short checklists for penetration testing methodology
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Penetration Testing Checklist
I am tired of cherrytree and I think that having useful information online to consult comfortably can be a good option. Feel free to send corrections / extra tips.
A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.
Course repository for PowerShell for Pentesters Course
Curated list of public penetration test reports released by several consulting firms and academic security groups
This repository contains a mindmap and stepwise resource to get started with Smartcontract auditing.
recon from myerspective
Automated Recon for Pentesting & Bug Bounty
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Some good resources for getting started with application security
A list of resources for those interested in getting started in bug bounties
Scrapts Scrapts Scrapts
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
This repo is less actively maintained now but I still monitor it for PR's.