Skip to content
View SecShiv's full-sized avatar
🎯
Focusing
🎯
Focusing
202 followers · 40 following
  • 13:41 (UTC)

Block or report SecShiv

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Lists (3)

Sort Name ascending (A-Z)
Sort by
Name ascending (A-Z) Name descending (Z-A) Newest Oldest Last updated

Stars

Showing results

swisskyrepo / PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Python 74,295 16,499 Updated Jan 3, 2026

mindedsecurity / semgrep-rules-android-security

A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.

Java 314 31 Updated Nov 12, 2025

Eltion / Tiktok-SSL-Pinning-Bypass

Bypass Tiktok SSL pinning on Android devices.

Python 804 198 Updated Nov 4, 2024

persistent-security / SMShell

PoC for a SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers

C# 371 34 Updated May 22, 2023

marin-m / pbtk

A toolset for reverse engineering and fuzzing Protobuf-based apps

Python 1,608 195 Updated Dec 19, 2025

PortSwigger / cache-killer

Java 24 Updated Oct 17, 2024

aszx87410 / beyond-xss

Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security

JavaScript 170 37 Updated Oct 27, 2025

sarperavci / CloudflareBypassForScraping

A cloudflare verification bypass script for webscraping

Python 1,861 300 Updated Jan 10, 2026

reddelexc / hackerone-reports

Top disclosed reports from HackerOne

Python 5,114 926 Updated Jan 3, 2026

Hijack-Everything / buckethunter

A tool to find cloud buckets from Domains and Subdomains using Google, DNS, Gray Hat Warfare and all might Scraping

Python 9 1 Updated Dec 4, 2024

jonaslejon / malicious-pdf

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Python 3,570 462 Updated Nov 14, 2025

swisskyrepo / GraphQLmap

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)

Python 1,600 219 Updated Mar 11, 2024

nikitastupin / clairvoyance

Obtain GraphQL API schema even if the introspection is disabled

Python 1,337 120 Updated Dec 5, 2025

zarkones / XENA

XENA is an innovative C2 made fully in Go. With hacking automation features.

Go 380 69 Updated Apr 26, 2025

pdelteil / trusty-bbp

Legitimate bug bounty programs value ethical practices and provide clear rewards to researchers for identifying security flaws

44 1 Updated Sep 22, 2024

leetCipher / bug-bounty-labs

All the labs in this repository simulate real world bugs I found in the wild

Python 197 63 Updated Jul 25, 2024

w9w / JSA

Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.

Python 559 84 Updated Mar 8, 2025

Rhynorater / rebindMultiA

Python 64 10 Updated Mar 1, 2023

blockthreat / blocksec-ctfs

A curated list of blockchain security Capture the Flag (CTF) competitions

1,619 248 Updated Mar 11, 2024

Unrealisedd / BAC-workflow

workflow for testing broken access control

4 1 Updated Sep 2, 2024

sarperavci / MXS

A powerful asynchronous XSS scanner supporting up to 1,500 concurrent requests.

Python 164 33 Updated Aug 16, 2024

Hacking-Notes / Endpoint-Javascript-Explorer

Powerful JavaScript bookmarklet designed for discovering and analyzing endpoints embedded in JavaScript files across various domains

12 Updated Apr 5, 2025

kleiton0x00 / Advanced-SQL-Injection-Cheatsheet

A cheat sheet that contains advanced queries for SQL Injection of all types.

3,125 694 Updated May 13, 2023

tauh33dkhan / Hacking-Insecure-Firebase-Database

Insecure Firebase | Bugbounty | Hacking Insecure Firbase

93 10 Updated Sep 2, 2021

MuhammadKhizerJaved / Insecure-Firebase-Exploit

A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "wr…

Python 325 81 Updated Jun 4, 2024

kevin-mizu / domloggerpp

A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

JavaScript 743 78 Updated Dec 9, 2025

owasp-noir / noir

Hunt every Endpoint in your code, expose Shadow APIs, map the Attack Surface.

Crystal 995 89 Updated Jan 11, 2026

Deamon0x0 / demo

MY METHODS

2 Updated Nov 23, 2024

DreadedLama / Simple-Dialer

Forked from SimpleMobileTools/Simple-Dialer

A handy phone call manager with phonebook, number blocking and multi-SIM support that uses truecaller to display the name of the caller.

Kotlin 33 1 Updated Aug 23, 2023

Arachni / arachni

Web Application Security Scanner Framework

Ruby 3,983 785 Updated May 22, 2025
Next