Awesome Writeups and POCs
☆559Feb 11, 2025Updated last year
Alternatives and similar repositories for awsome-security-write-ups-and-POCs
Users that are interested in awsome-security-write-ups-and-POCs are comparing it to the libraries listed below
Sorting:
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆4,073Jul 31, 2024Updated last year
- A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference☆5,557Aug 6, 2023Updated 2 years ago
- Penetration tests guide based on OWASP including test cases, resources and examples.☆2,767Mar 23, 2022Updated 3 years ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆6,385Sep 14, 2023Updated 2 years ago
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location☆1,361Jan 24, 2021Updated 5 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,482Oct 12, 2024Updated last year
- A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.☆5,489Updated this week
- Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab W…☆107Feb 11, 2019Updated 7 years ago
- A curated list of amazingly awesome Burp Extensions☆3,373Feb 17, 2026Updated 3 weeks ago
- Just some public notes that can be useful and i want let the world knows.☆88Oct 18, 2020Updated 5 years ago
- List of Awesome Asset Discovery Resources☆2,377Jan 22, 2025Updated last year
- A collection of custom security tools for quick needs.☆3,284May 1, 2023Updated 2 years ago
- Hunting Bugs for Fun and Profit☆275Jul 29, 2020Updated 5 years ago
- BBT - Bug Bounty Tools (examples💡)☆1,880Apr 5, 2024Updated last year
- Hacking Facebook for fun and profit: It’s not that hard, apparently (exclusive)☆62Jul 2, 2019Updated 6 years ago
- Collection of methodology and test case for various web vulnerabilities.☆7,039Jun 25, 2025Updated 8 months ago
- Ressources for bug bounty hunting☆1,907Dec 1, 2022Updated 3 years ago
- A curated list of amazingly bug bounty tips from security researchers around the world.☆104Mar 14, 2019Updated 6 years ago
- Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've h…☆28Jun 10, 2019Updated 6 years ago
- List of Awesome Red Teaming Resources☆7,809Dec 28, 2023Updated 2 years ago
- A collection of awesome one-liner scripts especially for bug bounty tips.☆3,077Jul 29, 2024Updated last year
- The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application pen…☆5,159Feb 8, 2024Updated 2 years ago
- This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for …☆3,659Updated this week
- Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed b…☆1,027Feb 5, 2021Updated 5 years ago
- A big list of Android Hackerone disclosed reports and other resources.☆1,672Sep 10, 2025Updated 6 months ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆293Aug 23, 2019Updated 6 years ago
- A python script that finds endpoints in JavaScript files☆4,297Apr 13, 2024Updated last year
- Fuzzing Payloads to Assist in Web Application Testing.☆166Jun 6, 2019Updated 6 years ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,903Sep 27, 2021Updated 4 years ago
- Mind-Maps of Several Things☆2,625Jun 29, 2023Updated 2 years ago
- Top disclosed reports from HackerOne☆5,358Feb 28, 2026Updated last week
- Tools & Interesting Things for RedTeam Ops☆2,258Feb 10, 2026Updated last month
- Web App bug hunting☆578Nov 26, 2025Updated 3 months ago
- Tools and datas related to Bug Bounty.☆236Apr 20, 2022Updated 3 years ago
- The Bug Hunters Methodology☆4,260Aug 1, 2023Updated 2 years ago
- A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.☆1,983Sep 5, 2021Updated 4 years ago
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,572Feb 8, 2025Updated last year
- Collection of Bug Bounty Tips☆65Dec 10, 2019Updated 6 years ago
- Azure and AWS Attacks☆1,114Nov 25, 2022Updated 3 years ago