Community curated list of templates for the nuclei engine to find security vulnerabilities.

The Pwning Machine

XS-Leak Browser Test Suite

XSS Hunter Burp Plugin

An XSS exploitation command-line interface and payload generator.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Careers and progression for engineers in the CTO organisation.

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

⛵ App Platform sample HTML application.

Never forget where you inject.

Find CVEs that don't have a Detectify modules.

The React Framework

Web dashboard for Interactsh client

A tool to inspect and attack version 1 GUIDs

Tool to bypass 40X response codes.

Reconnaissance tool for GitHub organizations

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

Fast and customizable vulnerability scanner based on simple YAML based DSL.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Nuclei plugin for BurpSuite

a tool to enumerate the resource records of a DNS zone using its DNSSEC NSEC or NSEC3 chain

Find domains and subdomains related to a given domain

Take a list of domains and probe for working HTTP and HTTPS servers

Extract uncompiled, uncompressed SPA code from Webpack source maps.