Stars
An intentionally designed vulnerable Android application built in Kotlin.
Unsecure time-based secret exploitation and Sandwich attack implementation Resources
OWASP Thick Client Application Security Verification Standard
A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
A collection of awesome one-liner scripts especially for bug bounty tips.
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking, Happy bug-hunting
A collection of PDF/books about the modern web application security and bug bounty.
Go parser for Maven Project Object Model (POM) file
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
Canarytokens helps track activity and actions on your network.
A tool for embedding XXE/XML exploits into different filetypes
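kunwu is a new-generation webshell detection engine that uses three efficient built-in detection strategies: fuzzy rules, taint-analysis simulated execution, and machine learning.
A customizable Java in-memory webshell generation tool.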
JavaWeb MemoryShell Inject/Scan/Killer/Protect Research & Exploring
Some payloads of JNDI Injection in JDK 1.8.0_191+