bugbounty-cheatsheet by EdOverflow

A list of interesting payloads, tips and tricks for bug bounty hunters.

created at July 13, 2017, 4:50 p.m.

240 +1

5,942 +16

1,553 +2

de4dot by de4dot

.NET deobfuscator and unpacker.

created at Sept. 20, 2011, 1:50 a.m.

514 +0

6,975 +10

2,692 +0

Empire by EmpireProject

Empire is a PowerShell and Python post-exploitation agent.

created at Aug. 5, 2015, 6:25 p.m.

489 +0

7,460 +13

2,820 +2

capstone by capstone-engine

Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.

created at Nov. 27, 2013, 2:32 a.m.

299 +0

7,608 +17

1,555 -1

retdec by avast

RetDec is a retargetable machine-code decompiler based on LLVM.

created at Dec. 12, 2017, 9:04 a.m.

242 -1

8,027 +10

949 +4

js-beautify by beautifier

Beautifier for javascript

created at Dec. 4, 2008, 6:35 a.m.

211 +0

8,634 +6

1,384 -2

Dependencies by lucasg

A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.

created at June 25, 2017, 3 p.m.

157 +1

9,140 +29

751 +3

subfinder by projectdiscovery

Fast passive subdomain enumeration tool.

created at March 31, 2018, 9:44 a.m.

155 +0

10,281 +30

1,277 +5

juice-shop by juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

created at Sept. 19, 2014, 2:53 p.m.

161 +0

10,468 +20

10,939 +47

movies-for-hackers by k4m4

🎬 A curated list of movies every hacker & cyberpunk must watch.

created at Feb. 19, 2017, 3:24 p.m.

384 +0

10,619 +5

896 +1

binwalk by ReFirmLabs

Firmware Analysis Tool

created at Nov. 15, 2013, 8:45 p.m.

359 +0

11,291 +59

1,559 +0

PowerSploit by PowerShellMafia

PowerSploit - A PowerShell Post-Exploitation Framework

created at May 26, 2012, 4:08 p.m.

781 +0

11,922 +15

4,612 +2

amass by owasp-amass

In-depth attack surface mapping and asset discovery

created at July 10, 2018, 4:05 p.m.

214 -2

12,076 +33

1,885 +3

dex2jar by pxb1988

Tools to work with android .dex and java .class files

created at March 16, 2015, 9:13 a.m.

442 +0

12,353 +17

2,118 +4

zaproxy by zaproxy

The ZAP by Checkmarx Core project

created at June 3, 2015, 4:55 p.m.

396 +0

12,745 +26

2,273 +6

jd-gui by java-decompiler

A standalone Java Decompiler GUI

created at March 25, 2015, 5:28 a.m.

510 +1

14,092 +20

2,398 +4

RustScan by RustScan

🤖 The Modern Port Scanner 🤖

created at July 11, 2020, 8 p.m.

134 +0

14,670 +27

987 +4

Ciphey by Ciphey

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

created at July 16, 2019, 8:20 p.m.

238 +0

18,225 +31

1,165 +2

mimikatz by gentilkiwi

A little tool to play with Windows security

created at April 6, 2014, 6:30 p.m.

914 -1

19,463 +25

3,731 +5

radare2 by radareorg

UNIX-like reverse engineering framework and command-line toolset

created at July 3, 2012, 7:42 a.m.

488 +1

20,710 +33

3,006 +3