TryHackMe Learning from Scratch .. towards CBBH & CDSA

List of CyberSecurity Resources and some different Sub-Domains of CyberSecurity

An easy-to-use Web Application Firewall (WAF) for Node.js. Can be used with Express, Fastify, NextJS, NuxtJS ... or plain Node.js http.

Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit

Information Security Library

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

A security tool designed to perform thorough scans on a target using OpenVAS, Zap, and Nexpose. It seamlessly consolidates and integrates the scan results, providing a comprehensive overview of the security vulnerabilities identified.

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

Artifacts for Airlock Microgateway, a Kubernetes native WAAP (Web Application and API Protection) solution to protect microservices.

Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist

Pentesting and Bug Bounty Notes, Cheetsheets and Guide

Portswigger web application security solutions

Automated NoSQL database enumeration and web application exploitation tool.

A cross-platform python based utility for information gathering and penetration testing automation!

🔐 teler Proxy enabling seamless integration with teler WAF 🛡️ to protect locally running web service against a web-based attacks. 🥷

Installation script for Codename SCNR.

An interactive bash script for detecting IDOR vulnerabilities. Automates the discovery of access control issues in web applications, enhancing the efficiency of bug bounty hunting.

REXEC-Hunt is an initial Bash script for identifying web app vulnerabilities leading to remote code execution. A foundational tool to automate detection, REXEC-Hunt is a stepping stone towards a comprehensive scanner. Clone, run, and probe URLs safely.