Leading source of security tools, hacking tools, cybersecurity and network security. Learn about new tools and updates in one place.
A network attack aims to access a network without permission, either to steal or alter data. This differs from endpoint, malware, and software vulnerability attacks. Learn about passive vs. active network attacks and more.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF.
0day Today is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals. Our aim is to collect exploits from submittals and various mailing lists and concentrate them in one, easy-to-navigate database. This was written solely for educational purposes. Use it at your own risk. The author will be not responsible for any damage.
A huge chunk of my personal notes since I started playing CTFs and working as a red teamer. These are living documents and I updated or add to them relatively often.
Welcome to the wiki where you will find each hacking trick/technique/whatever I have learnt from CTFs, real life apps, reading researches, and news.
exploit.education provides a variety of resources that can be used to learn about vulnerability analysis, exploit development, software debugging, binary analysis, and general cyber security issues.
A curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.
The page where you will find each hacking trick/technique/whatever related to CI/CD & Cloud I have learnt in CTFs, real life environments, researching, and reading researches and news.
The Kubenomicon was born of a desire to understand more about Kubernetes from an offensive perspective. I found many great resources to aid in my journey, but I quickly realized.
A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities.
Global Security Resource. In these times where a new major data breach occurs on a daily basis, it is important for the personal Internet user, corporations, and governments to stay aware of vulnerabilities that may affect their systems. Packet Storm provides around-the-clock information and tools in order to help mitigate both personal data and fiscal loss on a global scale. As new information surfaces, Packet Storm releases everything immediately through it's RSS feeds, Twitter, and Facebook. The site is referenced in over a hundred books and has a history of being spotlighted in the news.
I have gathered these notes from lots of sources on the internet, such as OSCP guides, enumeration guides and books. If you see any content that you wrote and I haven't credited you, please let me know and I will add it.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Sticky notes for pentesting. Search hacking techniques and tools for penetration testings, bug bounty, CTFs.