OpenAI Gym environments for an open-source quadruped robot (SpotMicro)

A vulnerable web application to practice different types of vulnerabilities

A automation suite

Google dorks for bug bounty hunting

A collection of awesome one-liner scripts especially for bug bounty tips.

Top parameters list for different vulnerabilities

Local file inclusion exploitation tool

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Python Tool that gives you the ability to run Advanced Google Queries (Known as Google Dorks - Google Dorking)

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Linux enumeration tool for pentesting and CTFs with verbosity levels

Fetch all the URLs that the Wayback Machine knows about for a domain

Fast web fuzzer written in Go

Fast passive subdomain enumeration tool.

Find domains and subdomains related to a given domain

40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...

dupremove is a multithreaded tool that reads file from stdin and removes all the duplicate strings, integers and lot more.

A collection of payloads for different vulnerabilities, best payload lists in one repository

Automated All-in-One OS Command Injection Exploitation Tool.

Extracts .js URLs from the given URL

grepX is a multi-threaded CLI tool which extracts some special URLs with parameters that may be vulnerable. Each pattern will output different URLs according to its parameters.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

URLparser is a CLI tool extracts URLs from the given URL

A collection of resources and a guide for OSCP preparation.

Learn how to automate XSS, SSRF, LFI, SQLI, NoSQLi

Learn what is NoSQL injection and how to find them ?

A automated penetration testing tool