Stars
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
21 Lessons, Get Started Building with Generative AI 🔗 https://microsoft.github.io/generative-ai-for-beginners/
Nuclei AI - Browser Extension for Rapid Nuclei Template Generation
🔥🔥🔥AI-driven database tool and SQL client, The hottest GUI client, supporting MySQL, Oracle, PostgreSQL, DB2, SQL Server, DB2, SQLite, H2, ClickHouse, and more.
Enumerate the permissions associated with AWS credential set
XSS payloads designed to turn alert(1) into P1
DoS tool for HTTP requests (inspired by hulk but has more functionalities)
Useful Google Dorks for WebSecurity and Bug Bounty
A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting
Fetch all the URLs that the Wayback Machine knows about for a domain
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Extracting URLs of a specific target based on the results of "commoncrawl.org"
Process Common Crawl data with Python and Spark
The EXCLUSIVE Collection of 40,000 Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.
用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
i will upload more templates here to share with the comunity.
Prototype Pollution and useful Script Gadgets
Collection of methodology and test case for various web vulnerabilities.
Collection of snippets for devtools.
Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities