This project is aimed at freely providing technical guides on various hacking topics: Active Directory services, web services, servers, intelligence gathering, physical intrusion, phishing, mobile …

This repo is a PoC with to exploit CVE-2023-51467 and CVE-2023-49070 preauth RCE vulnerabilities found in Apache OFBiz.

Realtek RTL88x2BU WiFi USB Driver for Linux

🌱 a fast, batteries-included static-site generator that transforms Markdown content into fully functional websites

A living document for penetration testing and offensive security.

Ghidra is a software reverse engineering (SRE) framework

A curated list of various bug bounty tools

This tool downloads, installs, and configures a shiny new copy of Chromium.

A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon

Solve Google reCAPTCHA in less than 5 seconds! 🚀

In-depth attack surface mapping and asset discovery

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

A list of resources for those interested in getting started in bug bounties

A recursive internet scanner for hackers.

Automatic SQL injection and database takeover tool

Directory/File, DNS and VHost busting tool written in Go

Web application fuzzer

Fast web fuzzer written in Go

The ultimate WinRM shell for hacking/pentesting

Damn Vulnerable Web Application (DVWA)

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Scripted Local Linux Enumeration & Privilege Escalation Checks

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.

Metasploit Framework

The Browser Exploitation Framework Project

A list of public penetration test reports published by several consulting firms and academic security groups.

Weaponized web shell