A tool to find cloud buckets from Domains and Subdomains using Google, DNS, Gray Hat Warfare and all might Scraping

Popping Shells With VS Code Extensions

Pre-Built Vulnerable Environments Based on Docker-Compose

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

收集、整理、修改互联网上公开的漏洞POC

Collection of methodology and test case for various web vulnerabilities.

历史漏洞的细节以及利用方法汇总收集

MinGW-W64 compiler binaries

An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer

POC for CVE-2023-38646

Penetration-List: A comprehensive resource for testers, covering all types of vulnerabilities and materials used in Penetration Testing. Includes payloads, dorks, fuzzing materials, and offers in-d…

TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things

An advanced subdomain discovery service with fast, powerful and easy to use API and DNS history.

🔍 Github CVE POC 信息监控推送 🚀

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

PoC. Severity critical.

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

Security Books, Mind-Maps, Vulnerabilities Notes, methodologies, fuzzing lists, writeups, disclosed reports and Bug-Bounty-Tips

A cheat sheet that contains advanced queries for SQL Injection of all types.

A framework to help red team construct fully customizable and automated APT attacks easily.

Bug Bounty Notes

baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability

MITRE ATT&CK in CSV form