Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.

The most exhaustive list of reliable DNS resolvers.

best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect

This is a curated list of resources about code reviews: articles, tools, trainings...

A powerful asynchronous XSS scanner supporting up to 1,500 concurrent requests.

CVE-2024-32640 | Automated SQLi Exploitation PoC

Top disclosed reports from HackerOne

😎 Awesome lists about all kinds of interesting topics

🔥 JavaScript talks you have to see 📺 on functional programming, performance, frameworks, React, debugging, leveling up, and more! ⚡️

Course Piracy Index 🏴‍☠️

A collection of bookmarks for penetration testers, bug bounty hunters, malware developers, reverse engineers and anyone who is just interested in infosec topics.

A collection of hacking tools, resources and references to practice ethical hacking.

Bug Bounty Roadmaps

Red Teaming & Pentesting checklists for various engagements

An awesome list of FREE resources for training, conferences, speaking, labs, reading, etc that are free. Originally built during COVID-19 for cybersecurity professionals with downtime can take adva…

This is a resource factory for anyone looking forward to starting bug hunting and would require guidance as a beginner.

Knock Subdomain Scan

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

My Handy Google Dorks for Hunting/Pentesting

This repository contains my writeups for the labs in PortSwigger's Web Security Academy platform. Each lab writeup includes the lab's name, description, and my step-by-step solution, as well as any…

A collection of solutions for every PortSwigger Academy Lab (in progress)

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

A collection of solutions for every PortSwigger Academy Lab (in progress)

⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)

The labs for my Udemy course (https://www.udemy.com/course/intro-to-bug-bounty-by-nahamsec)

A list of resources for those interested in getting started in bug bounties

A list of useful payloads and bypass for Web Application Security and Pentest/CTF