A collection of various awesome lists for hackers, pentesters and security researchers

Web path scanner

A list of resources for those interested in getting started in bug bounties

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

The all-in-one browser extension for offensive security professionals 🛠

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

A Workflow Engine for Offensive Security

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

A Security Tool for Bug Bounty, Pentest and Red Teaming.

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

A collection of awesome one-liner scripts especially for bug bounty tips.

This challenge is Inon Shkedy's 31 days API Security Tips.

Collection of quality safety articles. Awesome articles.

Semi-automatic OSINT framework and package manager

Subdomain Takeover tool written in Go

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

🕵️ OSINT Tools for gathering information and actions forensics 🕵️

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

一款信息泄漏利用工具，适用于.git/.svn/.DS_Store泄漏和目录列出

API Security Project aims to present unique attack & defense methods in API Security field