tov-a Goto Github PK

-payloads_web--cmd-injection

🎯 Command Injection Payload List

-payloads_web--directory-brute-force

🎯 Directory Payload List

-payloads_web--lfi-rfi

🎯 RFI/LFI Payload List

-payloads_web--open-retdirect

🎯 Open Redirect Payload List

-payloads_web--sql

🎯 SQL Injection Payload List

-payloads_web--ssti-template-injections

🎯 Server Side Template Injection Payloads

-payloads_web--xxe

🎯 XML External Entity (XXE) Injection Payload List

-payloads_web-csv-injections

🎯 CSV Injection Payloads

active-directory-exploitation-cheat-sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

adrecon

ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.

amsi-bypass-powershell

This repo contains some Amsi Bypass methods i found on different Blog Posts.

api-security-checklist

Checklist of the most important security countermeasures when designing, testing, and releasing your API

application-security-engineer-interview-questions

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

automatedlab

AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2019, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.

awesome-bug-bounty

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

awesome-cv

:page_facing_up: Awesome CV is LaTeX template for your outstanding job application

awesome-hacking

A collection of various awesome lists for hackers, pentesters and security researchers

awesome-oneliner-bugbounty

A collection of awesome one-liner scripts especially for bug bounty tips.

awesome-oneliner-bugbounty-1

awesome-web-security

🐶 A curated list of Web Security materials and resources.

bash-oneliner

A collection of handy Bash One-Liners and terminal tricks for data processing and Linux system maintenance.

bash-oneliner-script-for-bug-bounty

bug-bounty

Ressources for bug bounty hunting

bug-bounty-oneliners

Oneliners curated from my experience and from the internet

bugbounty-1

All about bug bounty (bypasses, payloads, and etc)

burp-suite-certified-practitioner-exam-study

Burp Suite Certified Practitioner Exam Study

certifications

A curated list of free courses & certifications.

crtp-cheatsheet

Notes I made while preparing for the CRTP certification exam

crtp-cheatsheet-1

Cheatsheet for the commands learned in Attack and Defense Active Directory Lab