Home for questions and answers relating to the implementation of the ECSS methodology
Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Organize your API security assessment by using MindAPI. It's free and open for community collaboration.
Notes for taking the OSCP in 2097. Read in book form on GitBook
My personal bug bounty toolkit.
🍰 Architectural design methodology for Frontend projects
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.
A new shellcode injection technique. Given as C++ header, standalone Rust program or library.