cr3wcr3w
Follow
sec
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
Sample pentest report provided by TCM Security
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
A curated list of various bug bounty tools
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
🕵️♂️ All-in-one OSINT tool for analysing any website
This repository contains my complete resources and coding practices for malware development using Rust 🦀.
Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
Open Cyber Threat Intelligence Platform
Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team p…
Burp Plugin to Bypass WAFs through the insertion of Junk Data
A curated list of tools for incident response
x86-64 Malware Crypter built in Rust for Windows with Anti-VM, powered by memexec
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
Collection of malware source code for a variety of platforms in an array of different programming languages.
A port of ParrotSec's stealth and anonsurf modules to Kali Linux
proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" fo…
Fast subdomains enumeration tool for penetration testers