🔥 Web-application firewalls (WAFs) from security standpoint.

Opensource IDE For Exploring and Testing Api's (lightweight alternative to postman/insomnia)

#1 Locally hosted web application that allows you to perform various operations on PDF files

Quick research done on some bug bounty blogs! Check em out :)

Browser extension to spoof timezone, geolocation, locale and user agent.

moniorg is a tool that leverages crt.sh website to monitor domains of a target

Obtain GraphQL API schema despite disabled introspection!

S3 Account Search

A tool for exploring each layer in a docker image

IPFuscator - A tool to automatically generate alternative IP representations

WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find entry points to the organization data.

Chrome Extension for one click downloading all resources files and keeping folder structures.

Vajra is a UI-based tool with multiple techniques for attacking and enumerating in the target's Azure and AWS environment. It features an intuitive web-based user interface built with the Python Fl…

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

A curated list of resources dedicated to open source GitHub repositories related to ChatGPT

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

A list of helpful cybersecurity / infosec resources

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

Rockyou for web fuzzing

json incremental digger

Checklist of the most important security countermeasures when designing, testing, and releasing your API

GitHub Data Analysis Framework.

Red Team Cheatsheet in constant expansion.

Top disclosed reports from HackerOne

A collection of awesome links I've compiled that are related to cybersecurity.

Some files for bruteforcing certain things.

💖 A curated list of awesome things

Reverse engineering JavaScript and CSS sources from sourcemaps