infosec topic
bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
bugbountyguide
Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
contact.sh
An OSINT tool to find contacts in order to report security vulnerabilities.
legal-bug-bounty
#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
megplus
Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
proof-of-concepts
A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
security-policy-specification-standard
This document proposes a way of standardising the structure, language, and grammar used in security policies.
assessment-mindset
Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.