BlackFan / content-type-research

Content-Type Research

trufflesecurity / force-push-scanner

Scan for secrets in dangling commits on GitHub using GH Archive data.

TupleType / awesome-cicd-attacks

Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.

trailofbits / skills

Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows

CyberDefenseInstitute / vscode-pwn-dev-container

A dev container for rapid prototyping of binary exploits.

skysider / pwndocker

A docker environment for pwn in ctf

xnl-h4ck3r / GAP-Burp-Extension

Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist

1ndianl33t / Gf-Patterns

GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep

0xBugatti / myAwesome

zigoo0 / JSONBee

A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.

hahwul / dalfox

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

irsdl / ysonet

Deserialization payload generator for a variety of .NET formatters

PurCL / RepoAudit

An autonomous LLM-agent for large-scale, repository-level code auditing

FDlucifer / Proxy-Attackchain

Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All exchange server history vulns summarization :)

Darkrain2009 / RedExt

Chrome browser extension-based Command & Control

winmin / awesome-vm-exploit

share some useful archives about vm and qemu escape exploit.

V1NKe / learning-qemu

qemu vulnerablity.

paulveillard / cybersecurity-exploit-development

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidel...

step-security / github-actions-goat

GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

limitedeternity / HeapLAB

Udemy – Linux Heap Exploitation

shellphish / how2heap

A repository for learning various heap exploitation techniques.

RPISEC / MBE

Course materials for Modern Binary Exploitation by RPISEC

synacktiv / octoscan

Octoscan is a static vulnerability scanner for GitHub action workflows.

AdnaneKhan / gato-x

GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.

Findomain / Findomain

The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, ...

assetnote / nowafpls

Burp Plugin to Bypass WAFs through the insertion of Junk Data

WesleyWong420 / RedTeamOps-Havoc-101

Materials for the workshop "Red Team Ops: Havoc 101"

CyberSecurityUP / Red-Team-Exercises

trufflesecurity / trufflehog

Find, verify, and analyze leaked credentials

hmgle / graftcp

A flexible tool for redirecting a given program's TCP traffic to SOCKS5 or HTTP proxy.