hideckies / exploit-notes
Sticky notes for pentesting, bug bounty, CTF.
☆623Updated 2 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for exploit-notes
- A simple tool for bypassing file upload restrictions.☆784Updated 4 months ago
- 1337 Wordlists for Bug Bounty Hunting☆790Updated 3 weeks ago
- Offensive Security OSCP, OSWP, OSEP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA Exam and Lab Reporting / Note-Taking Tool☆729Updated 7 months ago
- A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automat…☆1,492Updated this week
- This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.☆509Updated last month
- A collection of CTF write-ups, pentesting topics, guides and notes. Notes compiled from multiple sources and my own lab research. Topics …☆500Updated 3 weeks ago
- A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomain…☆830Updated last year
- A RedTeam Toolkit☆385Updated last month
- RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers…☆583Updated 5 months ago
- Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.☆552Updated last week
- ☆584Updated this week
- Tool to bypass 403/40X response codes.☆1,113Updated 3 months ago
- Active Directory pentesting mind map☆301Updated last year
- Burp Suite Certified Practitioner Exam Study☆922Updated 3 weeks ago
- Automatic SSTI detection tool with interactive interface☆826Updated last month
- Real-world infosec wordlists, updated regularly☆1,400Updated this week
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆50Updated 6 months ago
- Tips on how to write exploit scripts (faster!)☆420Updated 4 months ago
- A OWASP Based Checklist With 500+ Test Cases☆642Updated 2 years ago
- NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications☆1,307Updated 2 months ago
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications☆943Updated 10 months ago
- ChatGPT Prompts for Bug Bounty & Pentesting☆554Updated last year
- Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search …☆515Updated 9 months ago
- ☆512Updated 4 months ago
- An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.☆554Updated last year
- linWinPwn is a bash script that streamlines the use of a number of Active Directory tools☆1,825Updated last week
- AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,☆562Updated 8 months ago
- ☆493Updated 5 months ago
- An XSS exploitation command-line interface and payload generator.☆1,268Updated 4 months ago