#resources

Nuclei templates on offsec.tools
Sponsor
Nuclei templates

Community curated list of templates for the Nuclei engine to find security vulnerabilities.

#cves   #fuzzing   #payloads   #resources   #scanner   #secrets   #vulnerabilities  

Payloads All The Things on offsec.tools
Featured
Payloads All The Things

A list of useful payloads and bypass for Web Application Security.

#bypass   #exploits   #payloads   #resources  

resolvers on offsec.tools
resolvers

The most exhaustive list of reliable DNS resolvers.

#dns   #probing   #resources   #subdomains  

Kaeferjaeger on offsec.tools
Kaeferjaeger

Lists of resources: cdn ranges, ips ranges, sni ip ranges...

#cdn   #cloud   #ips   #online   #resources   #subdomains  

PwnDoc on offsec.tools
PwnDoc

Pentest report generator.

#reports   #resources  

cve on offsec.tools
cve

Gather and update all available and newest CVEs with their PoC.

#cves   #exploits   #poc   #resources  

Offensive Security on offsec.tools
Offensive Security

Offensive Security Youtube channel.

#learning   #resources   #training   #videos  

Damn Vulnerable Bank on offsec.tools
Damn Vulnerable Bank

A vulnerable Android application with an interface to test your mobile hacking skills.

#android   #mobile   #resources   #training  

BugBountyHunting on offsec.tools
BugBountyHunting

Search Bug Bounty writeups easily.

#bugbounty   #online   #resources   #writeups  

DEFCON on offsec.tools
DEFCON

The world’s most prominent and well-known computer security conferences.

#hackers   #learning   #resources   #videos  

GTFOBins on offsec.tools
GTFOBins

Unix binaries that can be used to bypass local security restrictions in misconfigured systems.

#binaries   #linux   #privesc   #resources  

LOLBAS on offsec.tools
LOLBAS

Living Off The Land Binaries, Scripts and Libraries.

#binaries   #privesc   #resources   #windows  

GTFOArgs on offsec.tools
GTFOArgs

Unix binaries that can be manipulated for argument injection.

#binaries   #linux   #privesc   #resources  

LOOBins on offsec.tools
LOOBins

Living Off the Orchard: macOS Binaries.

#binaries   #macos   #privesc   #resources  

Seela on offsec.tools
Seela

Boost the cybersecurity skills of your teams with the cyber knowledge library.

#ctf   #learning   #resources   #training  

Fresh Resolvers on offsec.tools
Fresh Resolvers

List of fresh DNS resolvers updated every 12h.

#dns   #probing   #resources   #subdomains  

c{api}tal on offsec.tools
c{api}tal

A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities.

#api   #owasp   #resources   #training  

nuclei-wordfence-cve on offsec.tools
nuclei-wordfence-cve

Collection of Nuclei templates dedicated to WordPress core, plugins and themes vulnerabilities.

#cves   #resources   #templates   #wordfence   #wordpress  

Awesome-CobaltStrike on offsec.tools
Awesome-CobaltStrike

List of awesome CobaltStrike resources.

#c2c   #cobaltstrike   #learning   #resources  

The Wordlists on offsec.tools
The Wordlists

A collection of wordlists for many different usages.

#resources   #wordlists  

CTFd on offsec.tools
CTFd

A Capture The Flag framework focusing on ease of use and customizability.

#ctf   #framework   #resources   #training  

awesome-cve-poc on offsec.tools
awesome-cve-poc

A collection about Proof of Concepts of Common Vulnerabilities and Exposures.

#cves   #exploits   #poc   #resources   #vulnerabilities  

reapoc on offsec.tools
reapoc

OpenSource Poc && Vulnerable-Target Storage Box.

#cves   #exploits   #poc   #resources   #vulnerabilities  

TryHackMe on offsec.tools
TryHackMe

Hands-on cyber security training through real-world scenarios.

#learning   #online   #resources   #training  

DVWA on offsec.tools
DVWA

Damn Vulnerable Web Application.

#fileupload   #learning   #resources   #sqli   #training   #xss  

Hack The Box on offsec.tools
Hack The Box

Massive hacking playground, and infosec community.

#learning   #online   #resources   #training  

OWASP Juice Shop on offsec.tools
OWASP Juice Shop

Probably the most modern and sophisticated insecure web application.

#learning   #online   #resources   #training  

VulnHub on offsec.tools
VulnHub

Provide materials that allows anyone to gain practical 'hands-on' experience in security.

#learning   #resources   #training   #vm   #vulnerabilities  

WebGoat on offsec.tools
WebGoat

Deliberately insecure application.

#learning   #resources   #training   #vulnerabilities  

bWAPP on offsec.tools
bWAPP

An extremely buggy web application!.

#learning   #resources   #training   #vulnerabilities  

Can I Take Over DNS? on offsec.tools
Can I Take Over DNS?

A list of DNS providers and how to claim (sub)domains via missing hosted zones.

#dns   #resources   #subto  

windows-kernel-exploits on offsec.tools
windows-kernel-exploits

A list of Windows kernel exploits.

#cves   #exploits   #kernel   #resources   #windows  

Awesome BugBounty Writeups on offsec.tools
Awesome BugBounty Writeups

A curated list of bugbounty writeups (Bug type wise).

#bugbounty   #resources   #writeups  

Bug Bounty Reference on offsec.tools
Bug Bounty Reference

A list of Bug Bounty writeups that is categorized by the bug nature.

#bugbounty   #resources   #vulnerabilities   #writeups  

Awesome Bug Bounty on offsec.tools
Awesome Bug Bounty

A comprehensive curated list of available Bug Bounty & disclosure programs and writeups.

#bugbounty   #platforms   #resources   #writeups  

open-sesame on offsec.tools
open-sesame

Contains HackerOne disclosed reports and other bug bounty writeups.

#bugbounty   #hackerone   #reports   #resources  

AllAboutBugBounty on offsec.tools
AllAboutBugBounty

Bug Bounty notes gathered from various sources.

#bugbounty   #cms   #framework   #payloads   #resources   #vulnerabilities  

gitscraper on offsec.tools
gitscraper

Scrapes public GitHub repositories for common naming conventions in variables, folders and files.

#directories   #endpoints   #files   #github   #parameters   #resources  

h1-search on offsec.tools
h1-search

Request the public disclosures on a specific HackerOne program.

#bugbounty   #hackerone   #reports   #resources  

Yoga on offsec.tools
Yoga

Your OSINT Graphical Analyzer.

#online   #osint   #resources   #usernames  

OWASP on offsec.tools
OWASP

A nonprofit foundation that works to improve the security of software.

#cheatsheets   #learning   #resources   #training  

PentesterLand on offsec.tools
PentesterLand

Sharing knowledge that makes your life as bug hunters and pentesters easier.

#reports   #resources   #writeups  

DefaultPassword on offsec.tools
DefaultPassword

Default passwords database sorted by manufacturers.

#passwords   #resources  

Hacker101 on offsec.tools
Hacker101

A free class for web security.

#hackerone   #learning   #resources   #training  

Exploitalert on offsec.tools
Exploitalert

Exploits found on the INTERNET.

#cves   #exploits   #resources   #vulnerabilities  

The Exploit Database on offsec.tools
The Exploit Database

Archive of public exploits and corresponding vulnerable software.

#cves   #exploits   #resources   #vulnerabilities  

Cross-site scripting cheat sheet on offsec.tools
Cross-site scripting cheat sheet

PortSwigger XSS cheat sheet that contains many vectors that can help you bypass WAFs and filters.

#payloads   #resources   #xss  

Bug Bounty Guide on offsec.tools
Bug Bounty Guide

Launchpad for bug bounty programs and bug bounty hunters.

#bugbounty   #resources  

Burp Extender API on offsec.tools
Burp Extender API

Burp Extender API.

#api   #burpsuite   #resources  

PortSwigger Cross-Site Scripting cheatsheet data on offsec.tools
PortSwigger Cross-Site Scripting cheatsheet data

All the XSS cheatsheet data to allow contributions from the community.

#payloads   #resources   #xss  

SecLists on offsec.tools
SecLists

Collection of multiple types of lists used during security assessments, collected in one place.

#fuzzing   #passwords   #payloads   #resources   #wordlists  

bounty-targets-data on offsec.tools
bounty-targets-data

Hourly-updated data dumps of bug bounty platform scopes that are eligible for reports.

#bugbounty   #bugcrowd   #federacy   #hackenproof   #hackerone   #intigriti   #resources   #yeswehack  

Can I take over XYZ? on offsec.tools
Can I take over XYZ?

A list of services and how to claim (sub)domains with dangling DNS records.

#resources   #subdomains   #subto   #vulnerabilities  

Default Credentials Cheat Sheet on offsec.tools
Default Credentials Cheat Sheet

One place for all the default credentials to assist on finding devices with default password.

#passwords   #resources  

IntruderPayloads on offsec.tools
IntruderPayloads

Payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

#burpsuite   #fuzzing   #owasp   #resources   #wordlists  

sub-domain enumeration techniques on offsec.tools
sub-domain enumeration techniques

Esoteric sub-domain enumeration techniques - Bugcrowd LevelUp

#bugcrowd   #resources   #subdomains   #wordlists  

FuzzDB on offsec.tools
FuzzDB

Attack patterns and primitives for black-box application fault injection and resource discovery.

#fuzzing   #payloads   #resources   #wordlists