Example: Client-Side Template Injection with Vue

Active Directory Labs/exams Review

XSS payloads designed to turn alert(1) into P1

Personal notes used to pass the OSWP exam

Automating XSS using Bash

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

Python Scripts to help you discover sensitive data like apikeys, accesstoken, authorizations, jwt,..etc in JavaScript files

Compiled Binaries for Ghostpack

Scripts to help with different ffuf tasks and workflows

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Automatic Enumeration Tool based in Open Source tools

Bypass WAF SQL Injection SQLMAP

Quick script to install all the required tools over a VPS (tested on DEBIAN)

📚 Freely available programming books

A script that you can run in the background!

This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)

Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.

completely ridiculous API (crAPI)

Pre-Built Vulnerable Multiple API Scenarios Environments Based on Docker-Compose.

jSQL Injection is a Java application for automatic SQL database injection.

A fast tool to scan SAAS,PAAS App written in Go

Potentially dangerous files

Hi There today I published a checklist of strategies on Linux Privilege Escalation by Tib3rius

WebExtension that adds ability search all your bookmarked tweets!

BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔