Offsec Pentest and Bug Bounty Notes
☆24May 28, 2020Updated 5 years ago
Alternatives and similar repositories for secrets
Users that are interested in secrets are comparing it to the libraries listed below
Sorting:
- Exploits for different vulnerabilities☆13Nov 29, 2021Updated 4 years ago
- Python script to launch burp scans automatically☆32Jul 18, 2021Updated 4 years ago
- ☆21Dec 4, 2014Updated 11 years ago
- Recon for Pentesting and BugBounty 🕵️☆14Jan 14, 2026Updated last month
- Credax - Fuzzing Tool with Slack Notifications. Also removes false positive responses.☆10Oct 14, 2021Updated 4 years ago
- A small pentesting lab for Azure☆10Apr 19, 2019Updated 6 years ago
- ☆24Jan 26, 2021Updated 5 years ago
- Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.☆13Aug 4, 2025Updated 7 months ago
- ☆10Apr 6, 2024Updated last year
- Recon scripts for bug hunting☆10Nov 19, 2021Updated 4 years ago
- A handy plugin for copying requests/responses directly from Burp, some extra magic included.☆13Oct 15, 2021Updated 4 years ago
- ☆11May 15, 2020Updated 5 years ago
- A folder to serve tools from during PT/Red Team engagements. Contains common executables and scripts for privesc, recon, pivoting and CVE…☆15Mar 15, 2024Updated last year
- Customized docker images generation toolkit☆25Oct 14, 2021Updated 4 years ago
- ☆14Jul 10, 2025Updated 7 months ago
- A bash script that automates the process of service discovery on specified target hosts. The aim of the scripts is reducing scan time, in…☆11May 14, 2025Updated 9 months ago
- ☆12May 16, 2020Updated 5 years ago
- ☆16Mar 29, 2024Updated last year
- Generate wordlists for fuzzing API method names☆55Oct 16, 2020Updated 5 years ago
- Pentesting notes☆19Jan 31, 2026Updated last month
- ThreadsApp is a web application built with a purpose of helping people learn web application security.☆17Nov 22, 2024Updated last year
- Several Python scripts used to fuzz and exploit SLmail. These are meant to supplement the Kali Linux Hands-on Pentesting Udemy course.☆16Dec 24, 2018Updated 7 years ago
- Effectively search the Exploit-DB☆15Apr 16, 2020Updated 5 years ago
- An authentication and RBAC authorization library using JWT for Go 1.7+☆14Dec 6, 2017Updated 8 years ago
- ☆18Oct 4, 2020Updated 5 years ago
- ☆21Mar 16, 2021Updated 4 years ago
- Automated tool to find backup files that may disclose a website's source code☆20Oct 13, 2022Updated 3 years ago
- Automate the scanning and enumeration of machines externally while maintaining complete control over scans shot to the targets with the s…☆17Oct 25, 2021Updated 4 years ago
- Beacon Object Files used for Cobalt Strike☆19Jul 18, 2023Updated 2 years ago
- A Payload Injector for bugbounties written in go☆70Jul 18, 2020Updated 5 years ago
- A set of tools, procedures, and playbooks for performing bug bounties☆17Dec 2, 2018Updated 7 years ago
- ☆20Dec 29, 2024Updated last year
- Insecure Deserialization, PDF and lab☆18Nov 19, 2019Updated 6 years ago
- API Pentesting notes.☆96Nov 4, 2024Updated last year
- A deep look at some recon methodologies and web-application vulnerabilities of my interest where I will merge all my notes gathered from …☆109Dec 13, 2022Updated 3 years ago
- Available-for-hire badge☆17Oct 31, 2016Updated 9 years ago
- Vulnerable FastAPI in reference to Opensource Web Application Security Project (OWASP) TOP 10: 2021☆16Jan 3, 2022Updated 4 years ago
- parse ffuf & map endpoints to wordlists☆21Feb 25, 2021Updated 5 years ago
- Exploits of different CVE IDs (CVE-2021-37910, CVE-2021-40288, CVE-2021-41435, CVE-2021-41436, CVE-2021-41437, CVE-2021-41441, CVE-2021-4…☆17Oct 19, 2022Updated 3 years ago