In-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.

A tool to analyze multi-byte xor cipher

A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON

A fast tool to scan CRLF vulnerability written in Go

Steganalysis web platform

File upload vulnerability scanner and exploitation tool.

Fetching passwords from the chrome browser database

Nuclei AI - Browser Extension for Rapid Nuclei Template Generation

Realtime log viewer for containers. Supports Docker, Swarm and K8s.

Burp Extension to add additional functionality for pentesting websocket based applications

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Hardware Hacking ES Comunidad

Tool to perform GCP Domain Wide Delegation abuse and access Gmail and Drive data

cloudgrep is grep for cloud storage

ChatGPT DAN, Jailbreaks prompt

A collection of awesome security hardening guides, tools and other resources

🔓 CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.

This Burp Suite extension is designed to bypass Web Application Firewalls (WAFs) by padding HTTP requests with dummy data.

AV/EDR evasion via direct system calls.

A script that parses PowerView's output for GPO analysis. Integrated into bloodhound to find misconfigurations of URA, SMB signing etc

Automatic SSRF fuzzer and exploitation tool

Open Redirection Analyzer

XSS payloads designed to turn alert(1) into P1

jsleak is a tool to find secret , paths or links in the source code during the recon.

CeWL is a Custom Word List Generator

Here I gather all the resources about hacking that I find interesting