
Starred repositories
Utilize misconfigured DNS and old database records to find hidden IPs behind the CloudFlare network
Fast subdomains enumeration tool for penetration testers
A collection of awesome software, libraries, documents, books, resources and cool stuff about security.
NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
Open-source and next-generation Web Application Firewall (WAF)
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Directory/File, DNS and VHost busting tool written in Go
A list of resources for those interested in getting started in bug bounties
An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
Web-application firewalls (WAFs) from security standpoint.
A next-generation crawling and spidering framework.
All about bug bounty (bypasses, payloads, etc.)
Dalfox is a powerful open-source XSS scanner and utility focused on automation.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-ups that are categorized by the bug nature
Checklist of the most important security countermeasures when designing, testing, and releasing your API
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
A curated list of amazingly awesome OSINT
WebGoat is a deliberately insecure application
A collection of various awesome lists for hackers, pentesters and security researchers
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo: