ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Updated Aug 12, 2025 - PHP
A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
Twitter vulnerable snippets
Payload Arsenal for Penetration Testers and Bug Bounty Hunters
Find AWS S3 buckets and test their permissions.
List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.
Cross-site scripting labs for web application security enthusiasts
A PHP tool to brute-force vhosts configured on a server.
Yet Another PHP Shell - The most complete PHP reverse shell
Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.
This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer while hunting. It is still under development, so feel free to contribute.
Alternative to XSS Hunter for blind XSS.
Material for starting penetration testing from scratch, in Indonesian.
Extract endpoints from source files.
This project is a vulnerable web application to practice on. It is designed for educational purposes to help security enthusiasts and developers understand and mitigate common web vulnerabilities.
Webapp to perform regexp search over GitHub search.
XSS platform, dockerized: start the XSS platform with one click and say bye-bye to tedious environment setup!