A list of useful payloads and bypass for Web Application Security and Pentest/CTF

• UpdatedDec 12, 2025
• Python

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

• UpdatedOct 31, 2025
• JavaScript

A collection of hacking tools, resources and references to practice ethical hacking.

• UpdatedOct 16, 2023

A list of resources for those interested in getting started in bug bounties

• UpdatedJul 23, 2024

hydra

• UpdatedDec 16, 2025
• C

Program for determining types of files for Windows, Linux and MacOS.

• UpdatedDec 15, 2025
• JavaScript

📱 objection - runtime mobile exploration

• UpdatedNov 21, 2025
• Python

windows-kernel-exploits Windows平台提权漏洞集合

• UpdatedJun 11, 2021
• C

Tools and Techniques for Red Team / Penetration Testing

• UpdatedMar 18, 2025

A fast, simple, recursive content discovery tool written in Rust.

• UpdatedDec 16, 2025
• Rust

game of active directory

• UpdatedJul 16, 2025
• PowerShell

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

• UpdatedDec 11, 2025
• Shell

Cyber Security ALL-IN-ONE Platform

• UpdatedDec 18, 2025
• TypeScript

All about bug bounty (bypasses, payloads, and etc)

• UpdatedSep 8, 2023

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

• UpdatedNov 6, 2025
• Python

Next generation web scanner

• UpdatedOct 19, 2025
• Ruby

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

• UpdatedJan 25, 2025
• PowerShell

An automated e-mail OSINT tool

• UpdatedFeb 2, 2024
• Go

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

• UpdatedJun 6, 2024
• C++

linux-kernel-exploits Linux平台提权漏洞集合

• UpdatedJul 13, 2020
• C