A collection of various awesome lists for hackers, pentesters and security researchers
-
Updated
Jun 10, 2024
Fuzzing or fuzz testing is an automated software black box testing technique that evaluates the program's reaction to providing invalid, unexpected, or random data as inputs to a computer program.
A collection of various awesome lists for hackers, pentesters and security researchers
Web Pentesting Fuzz 字典,一个就够了。
Web path scanner
OSS-Fuzz - continuous fuzzing for open source software.
syzkaller is an unsupervised coverage-guided kernel fuzzer
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Hypothesis is a powerful, flexible, and easy to use library for property-based testing.
Scalable fuzzing infrastructure.
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Rockyou for web fuzzing
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
A high performance offensive security tool for reconnaissance and vulnerability scanning
the champagne of beta embedded databases
Created by Barton Miller
Released September 1988