Navid's Projects
Open-source vulnerability disclosure and bug bounty program database.
List of fresh DNS resolvers updated daily
:cherry_blossom: A command-line fuzzy finder
HackerOne "in scope" domains
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Tutorials and Things to Do while Hunting Vulnerability.
Free Introduction to Bash Scripting eBook
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
Contextual Content Discovery Tool
Learn regex the easy way
A Collection of Logger++ Filters for Hunting API Vulnerabilities
payloads list for bypass login pages. SQLi!
Small utility program to perform multiple operations for a given subnet/CIDR ranges.
Config files for my GitHub profile.
Config files for my GitHub profile.
Nuclei Templates Collection
Rockyou for web fuzzing
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Penetration tests guide based on OWASP including test cases, resources and examples.
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Recon Methodology
ReconMaster contest - scripts used and a write-up
The most exhaustive list of reliable DNS resolvers.
A list of resources for those interested in getting started in bug bounties
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.