This repository contains cutting-edge open-source security notes and tools that will help you during your Red Team assessments.

GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

Playbooks are used by cybersecurity professionals to store or encapsulate knowledge on cybersecurity topics and tactics. I will use these again and again in the field to deal with situations as the…

😱 A curated list of amazingly awesome OSINT

Leaked GPTs Prompts Bypass the 25 message limit or to try out GPTs without a Plus subscription.

A collection of PDF/books about the modern web application security and bug bounty.

A curated repository of incident response playbooks

A collection of cyber security books

Source code for Twitter's Recommendation Algorithm

This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them

Playbooks for SOC Analysts

📚 Directory of Python books

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises.

Python books free to read online or download

Smart contracts comprising the business logic of the Matic Network

A curated list of amazingly awesome Burp Extensions

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

Java web and command line applications demonstrating various security topics

Collection of Facebook Bug Bounty Writeups

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.

Work in progress...

Web Application Security

Application Security Verification Standard

Community curated list of public bug bounty and responsible disclosure programs.

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Web application fuzzer

An open source, online threat modeling tool from OWASP

The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.