A modern 64-bit position independent implant template

A collection of templates for bug bounty reporting

Security Remediation Guides

The Bug Hunters Methodology

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

List of reporting templates I have used since I started doing BBH.

Scripts for offensive security

Informational Repository tracking times that real world bugs have come out of CTF challenges intentionally or otherwise

Quick research done on some bug bounty blogs! Check em out :)

Demo of various ways to exploit post based reflected XSS

always updating

A Frida script that disables Flutter's TLS verification

Oversecured Vulnerable iOS App

An archive of low-level CTF challenges developed over the years

some learning notes about Web Application Security、 Penetration Test

🚀 XSSFUZZ - A tool for detecting XSS vulnerabilities in web applications.

Here Are Some Popular Hacking PDF

A reverse engineering framework for iOS

Automating situational awareness for cloud penetration tests.

A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.

The most unusual OSINT guide you've ever seen. The repository is intended for bored professionals only. PRs are welcome!

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

A simple tool for bypassing file upload restrictions.

Vulnerable demo application for the race condition

Collection of resources related to phishing

Hide 🕵️‍♂️ your files of any type inside a image of your choice using steganography

iptables rules for Tor relay operators to mitigate ddos