Tips and Tutorials for Bug Bounty and also Penetration Tests.

Convenient JavaScript function that serializes Objects to FormData instances.

MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

一键破解APK签名校验

A tool for reverse engineering Android apk files

Dex to Java decompiler

Hidden parameters discovery suite

Quickly discover exposed hosts on the internet using multiple search engines.

Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.

webrecon

How to implement Stripe without going mad

🌍 Real-time 3D visualization of Nano cryptocurrency networks - Watch live transactions fly across an interactive globe with 🚀 SpaceX-inspired animations

An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability

Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently supports Azure DevOps, GitHub and GitLab.

CeWL is a Custom Word List Generator

A comprehensive bug bounty methodology compiled from extensive research, covering web application reconnaissance, checklists, and methods for identifying various bugs. This guide aims to help bug h…

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…

World's fastest and most advanced password recovery utility

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

A high-speed tool for passively gathering URLs, optimized for efficient and comprehensive web asset discovery without active scanning.

A stunning, functional and responsive retractable sidebar for Next.js built on top of shadcn/ui.

Malware Configuration And Payload Extraction

403/401 Bypass Methods + Bash Automation + Your Support ;)