A list of useful payloads and bypass for Web Application Security and Pentest/CTF

The authentication glue you need.

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

q - Run SQL directly on delimited files and multi-file sqlite databases

A GraphQL library for Python that leverages type annotations 🍓

BloodyAD is an Active Directory Privilege Escalation Framework

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)

How to exploit a double free vulnerability in 2021. Use After Free for Dummies

"Mongita is to MongoDB as SQLite is to SQL"

Blazingly fast cognitive complexity analysis for Python, written in Rust.

Check subdomains for subdomain takeovers and other DNS tomfoolery

Run Ducklake (ducklake.select) in Azure and with own compute