Starred repositories
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
AWSGoat : A Damn Vulnerable AWS Infrastructure
Find AWS S3 buckets and test their permissions.
Toolkit to detect and keep track on Blind XSS, XXE & SSRF