FFUF patterns that consistently surface attack surface fast: Directories and extensions ffuf -w raft-medium-words.txt -u target.com/FUZZ -e .php,.aspx,.jsp,.json,.xml -mc 200,204,301,302,307,401,403 -t 150 -ac Parameter discovery (GET) ffuf -w params.txt -u

pwnedOrNot: An OSINT Tool for Finding Passwords of Compromised Email Accounts GitHub: github.com/thewhiteh4t/pw… Per the repo: "pwnedOrNot works in two phases. In the first phase it tests the given email address using HaveIBeenPwned v3 API to find if the account have been breached

ReconSpider: Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations and find out information from different sources. GitHub: github.com/bhavsec/recons…

If you’re a pentester exploring how to bring AI into your workflow, check out 𝗛𝗲𝘅𝗦𝘁𝗿𝗶𝗸𝗲 𝗔𝗜 🔥 Connects LLMs with 150+ tools and 12+ AI agents to automate pentesting.Ask ChatGPT 🔗 github.com/0x4m4/hexstrik… #Cybersecurity #Pentest

↳ Bug Bounty Resource Guide Topics • SQL Injection …cking-resources-guide-2025.vercel.app/sql-injection • XSS (Cross-Site Scripting) …cking-resources-guide-2025.vercel.app/xss • CSRF (Cross-Site Request Forgery) …cking-resources-guide-2025.vercel.app/csrf • RCE (Remote Code Execution) …cking-resources-guide-2025.vercel.app/rce • LFI (Local File

1/3💡Argus is an all-in-one, Python-powered toolkit designed to streamline the process of information gathering and reconnaissance. GitHub: github.com/jasonxtn/Argus

Obsidian OSINT Templates & Plugins - Sample Obsidian Graph - Entities - Properties - Learn Obsidian for OSINT - Best Practices - Recommended Plugins - Obsidian Basics github.com/resistec/obsid… #osint #obsidian

GitHub - resistec/obsidian-osint-templates: Custom templates for OSINT investigations designed to advance pivoting. github.com/resistec/obsid…

Antidetect tools List of resources for web browsing privacy and anonymity: - Anti-detect browsers - Anti-detect libs - Humanizing - Captha solvers - SMS confirmations - Proxies - Antidetection tips github.com/TheGP/untidete…

API security checklist is a critical resource for developers and security professionals. Comprehensive guide to identifying and mitigating vulnerabilities Here's a breakdown of key areas to focus on from the checklist: #bugbounty #bugbountytips 👉 : github.com/shieldfy/API-S…

~XSS checklist With a new video out ! youtu.be/wI0uxV_U1lc #bugbounty

26 Awesome AI Security Lists 1️⃣ github.com/wearetyomsmnv/… 2️⃣ github.com/kaplanlior/oss… 3️⃣ github.com/corca-ai/aweso… 4️⃣ github.com/zmre/awesome-s… 5️⃣ github.com/DeepSpaceHarbo… 6️⃣ github.com/Billy1900/Awes… 7️⃣ github.com/trailofbits/aw… 8️⃣ github.com/RiccardoBiosas… 9️⃣ github.com/disesdi/mlseco… 🔟

📌RedTiger-Tools is a free multi-tool with numerous features for Penetration Testing, OSINT, Network Scanning, Hacking, and more 🔗github.com/loxy0dev/RedTi…

📍JWTAuditor - Advanced JWT Pentesting Platform github.com/dr34mhacks/jwt…

Stop wasting time on CTF challenges. Learn Docker security, EDR evasion, network segmentation, SAML/OAuth flows, WAF configuration, and how to debug production incidents. You'll be 10x more hireable than someone who rooted 500 vulnerable VMs.

GooFuzz: A tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking). GitHub: github.com/m3n0sd0n4ld/Go…

Open-source tool to track location or mobile number.

🎬 New Video: Ever wondered how hackers sneak JavaScript into PDFs? Dive into PDF exploits, file upload vulnerabilities, and code injection techniques. Step-by-step demo included! 🖥️ youtu.be/P4Xf0SHqqqo #CyberSecurity #EthicalHacking #PDFHack #JSInjection #HackingTutorial