A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

RouterOS Security Research Tooling and Proof of Concepts

Making Favicon.ico based Recon Great again !

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

Tools for BugHunting

ANTLR v4 grammar-based test generator

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF

BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

Hacking tools

Here I gather all the resources about hacking that I find interesting

R3C0Nizer is the first ever CLI based menu-driven web application B-Tier recon framework.

Hunt down the secrets from the WebArchives for Fun and Profit

Fuzzinator Random Testing Framework

Docker Remote API Scanner and Exploit

Weaponizing Live CT logs for automated monitoring of assets

Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...

Cyber Security Notes, Methodology, Resources and Tips

The official OWASP BLT App repository/ Heist 'em bugs!

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.