SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

A list of resources for those interested in getting started in bug bounties

Community curated list of templates for the nuclei engine to find security vulnerabilities.

A curated list of tools for incident response

Infection Monkey - An open-source adversary emulation platform

🍯 T-Pot - The All In One Honeypot Platform 🐝

Collection of methodology and test case for various web vulnerabilities.

A list of interesting payloads, tips and tricks for bug bounty hunters.

Next generation web scanner

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

Awesome XSS stuff

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

Penetration tests guide based on OWASP including test cases, resources and examples.

The SOC Analysts all-in-one CLI tool to automate and speed up workflow.

Automated & Manual Wordlists provided by Assetnote

Some files for bruteforcing certain things.

Community curated list of public bug bounty and responsible disclosure programs.

This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by…

OSWE Preparation