A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
created at Feb. 13, 2016, 11 p.m.
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
created at Sept. 1, 2016, 12:53 p.m.
A fast sub domain brute tool for pentesters
created at April 1, 2015, 7:22 a.m.
🎯 SQL Injection Payload List
created at Oct. 30, 2019, 5:03 a.m.
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
created at Sept. 13, 2014, 12:08 a.m.
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
created at July 11, 2012, 8:27 p.m.
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
created at Aug. 24, 2016, 3:12 p.m.
Incredibly fast crawler designed for OSINT.
created at March 30, 2018, 7:38 p.m.
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
created at April 23, 2018, 6:09 a.m.
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
created at Sept. 10, 2015, 5:54 p.m.
Fast and customizable vulnerability scanner based on simple YAML based DSL.
created at April 3, 2020, 6:47 p.m.