Security and Pen-Testing

Online Tools

UrlDescription
PayloadsAllTheThingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
external-protocol-floodingScheme flooding vulnerability: how it works and why it is a threat to anonymous browsing

Tools

UrlDescription
DepixRecovers passwords from pixelized screenshots
RedRabbitPowerShell script aimed at helping pentesters conduct ethical hacking #RedTeam. The aim is to highlight just how Powerful PowerShell is and how it can be used against you (Ethically)
social-analyzerAPI, CLI & Web App for analyzing & finding a person’s profile across social media \ websites (Detections are updated regularly)
cve-searchcve-search - a tool to perform local searches for known vulnerabilities
Infection Monkey[Infection Monkey](Infection Monkey - An automated pentest tool ) - An automated pentest tool
SocialFishEducational Phishing Tool & Information Collector
bettercapThe Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks
mimikatzA little tool to play with Windows security, see also here

Resources

UrlDescription
KingOfBugBountyTipsShare tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters.
Incident-PlaybookGOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
Hack Code DevelopAn awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, …)
hacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news