A great alternative to have for web discovery during web app pen tests or bug bounties.
CLI Web Discovery Alternative to Dirb, Dirsearch, Etc
Category: Penetration Testing
All in One RF/HID reader/writer smaller then the ProxMark?!
A great and useful device for any physical penetration test or hardware hacking engagement.
An Azure AD Recon and Exploitation Framework
A toolset for performing recon and exploiting an Azure AD instance.
Holy Smokes Batman! Another big repo of Bug Bounty Reports, Cheat sheets, Checklists and more!
Another Repo of Web Application and API Bug Bounty, Penetration test and security assessment documents, reports and more!
Custom Formula CSV XLS XLSX Injection Wordlist
Created my own Formula/CSV/XLS/XLSX formula injection wordlist and added it to TreeHouse wordlists!
OneListForAll added to Treehouse Wordlists!
An awesome wordlist repo added to TreeHouse Wordlists! Yay!
Great example of the dangers of an Android app compiled with Debugging enabled
A concrete example of the dangers of compiling an Android application with debugging enabled.
Tool for performing OSINT against Firebase (Mobile Apps)
Best tool for enumeration against FireBase enivornments!
STOP USING DEFAULT PASSWORDS
A large trove of default username and passwords for all kinds of products!
Interested in XXE?
XXE is an awesome web application attack vector. Here is a great recommended short course on the subject!