A collection of various awesome lists for hackers, pentesters and security researchers

Web path scanner

A list of resources for those interested in getting started in bug bounties

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

The all-in-one browser extension for offensive security professionals 🛠

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

A Workflow Engine for Offensive Security

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

A Security Tool for Bug Bounty, Pentest and Red Teaming.

A collection of awesome one-liner scripts especially for bug bounty tips.

This challenge is Inon Shkedy's 31 days API Security Tips.

Semi-automatic OSINT framework and package manager

Collection of quality safety articles. Awesome articles.

Subdomain Takeover tool written in Go

🕵️ OSINT Tools for gathering information and actions forensics 🕵️

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

一款信息泄漏利用工具，适用于.git/.svn/.DS_Store泄漏和目录列出

API Security Project aims to present unique attack & defense methods in API Security field