Awesome Writeups and POCs
☆562Feb 11, 2025Updated last year
Alternatives and similar repositories for awsome-security-write-ups-and-POCs
Users that are interested in awsome-security-write-ups-and-POCs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference☆5,753Aug 6, 2023Updated 2 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆4,179Jul 31, 2024Updated last year
- Penetration tests guide based on OWASP including test cases, resources and examples.☆2,786Mar 23, 2022Updated 4 years ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆6,436Sep 14, 2023Updated 2 years ago
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location☆1,367Jan 24, 2021Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.☆5,604Mar 7, 2026Updated last month
- SSRF (Server Side Request Forgery) testing resources☆2,489Oct 12, 2024Updated last year
- Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab W…☆107Feb 11, 2019Updated 7 years ago
- Just some public notes that can be useful and i want let the world knows.☆90Oct 18, 2020Updated 5 years ago
- A curated list of amazingly awesome Burp Extensions☆3,392Feb 17, 2026Updated 2 months ago
- Collection of methodology and test case for various web vulnerabilities.☆7,104Jun 25, 2025Updated 10 months ago
- Hunting Bugs for Fun and Profit☆276Jul 29, 2020Updated 5 years ago
- Ressources for bug bounty hunting☆1,919Dec 1, 2022Updated 3 years ago
- Fuzzing Payloads to Assist in Web Application Testing.☆166Jun 6, 2019Updated 6 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- A collection of custom security tools for quick needs.☆3,290May 1, 2023Updated 2 years ago
- Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've h…☆28Jun 10, 2019Updated 6 years ago
- Top disclosed reports from HackerOne☆5,809Updated this week
- A big list of Android Hackerone disclosed reports and other resources.☆1,682Sep 10, 2025Updated 7 months ago
- A curated list of amazingly bug bounty tips from security researchers around the world.☆106Mar 14, 2019Updated 7 years ago
- Hacking Facebook for fun and profit: It’s not that hard, apparently (exclusive)☆62Jul 2, 2019Updated 6 years ago
- Facebook Bug Bounties☆106Feb 24, 2021Updated 5 years ago
- A collection of awesome one-liner scripts especially for bug bounty tips.☆3,110Jul 29, 2024Updated last year
- List of Awesome Asset Discovery Resources☆2,480Jan 22, 2025Updated last year
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- BBT - Bug Bounty Tools (examples💡)☆1,888Apr 5, 2024Updated 2 years ago
- All about bug bounty (bypasses, payloads, and etc)☆6,705Sep 8, 2023Updated 2 years ago
- The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application pen…☆5,189Feb 8, 2024Updated 2 years ago
- List of Awesome Red Teaming Resources☆7,898Dec 28, 2023Updated 2 years ago
- Tools & Interesting Things for RedTeam Ops☆2,271Feb 10, 2026Updated 2 months ago
- Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed b…☆1,030Feb 5, 2021Updated 5 years ago
- Tools and datas related to Bug Bounty.☆236Apr 20, 2022Updated 4 years ago
- Web App bug hunting☆578Nov 26, 2025Updated 5 months ago
- The Bug Hunters Methodology☆4,311Aug 1, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Awesome XSS stuff☆5,103Oct 30, 2024Updated last year
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,927Sep 27, 2021Updated 4 years ago
- Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.☆759Apr 12, 2022Updated 4 years ago
- An entry level resource to learning bug bounty.☆28Apr 11, 2018Updated 8 years ago
- Azure and AWS Attacks☆1,118Nov 25, 2022Updated 3 years ago
- Mind-Maps of Several Things☆2,651Jun 29, 2023Updated 2 years ago
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,639Feb 8, 2025Updated last year