This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

Delve into a comprehensive checklist, your ultimate companion for Android app penetration testing. Identify vulnerabilities in network, data, storage, and permissions effortlessly. Boost security skills with essential tools and user-friendly guides. Elevate Android security seamlessly!

A comprehensive bug bounty methodology compiled from extensive research, covering web application reconnaissance, checklists, and methods for identifying various bugs. This guide aims to help bug hunters improve their skills in finding, verifying, and responsibly reporting security vulnerabilities.

A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabilities

Ethereum based smart contract vulnerability checklist （关于区块链以太坊安全类问题）

A comprehensive collection of resources designed to help you enhance the security of your APIs. In this repository, you'll find a wide range of wordlists, checklists, vulnerable app setups, Logger++ filters and resources dedicated to REST APIs, JSON, and GraphQL.

Secure-D Web Application Security Test Checklist summarizes well-known weaknesses, vulnerabilities and best practices into review topics with short description and recommendation. Its objective is to aid penetration tester to review the web application thoroughly.

Biscuit's Bug Bounty Playbook is a curated hub for cybersecurity learners and bug bounty hunters. It includes tools, methodologies, writeups, vulnerable labs, YouTube channels, checklists, and platform-specific insights to help you build and sharpen your hacking skills. Perfect for beginners and pros alike.

A comprehensive checklist for identifying and mitigating cache vulnerabilities in web applications, covering web cache poisoning, deception, DNS poisoning, and CDN-specific attacks. Includes detection, testing, mitigation, and reporting tips. Ideal for security researchers and developers.

Coinspect created a standard security checklist to provide transparent, objective insights into the most secure crypto wallets. Based on our ongoing research on web3 wallets, which unveiled multiple vulnerabilities across various vendors.

iOS Penetration Testing Checklist is a comprehensive and actionable guide designed for security professionals, developers, and testers to assess the security of iOS applications. This extension provides a detailed checklist covering 50+ vulnerabilities, ensuring a thorough evaluation of your app's security posture.

A comprehensive checklist and resource guide for auditing Solidity smart contracts for security vulnerabilities.

Practical exercises and checklists to prepare for the HTB Certified Bug Bounty Hunter (CBBH) exam, focusing on real-world web application vulnerabilities, exploitation techniques, and bug bounty methodologies.

This comprehensive checklist has been Created for penetration testers and bug hunters seeking to identify and exploit vulnerabilities in web applications.

A CheckList for web application Vulnerabilities

CIS Benchmark Hardening/Vulnerability Checklists

A simple checklist to help improve the impact of common web vulnerabilities on penetration tests.

A desktop tool for managing CVE disclosure workflows. Track vulnerabilities from discovery through coordinated disclosure with a Kanban board, follow-up reminders, checklists, and more.

A Penetration Testing Checklist for web ensures comprehensive security by systematically identifying and addressing potential vulnerabilities. It covers key areas like authentication, session management, input validation, access controls, and data encryption, enhancing overall web application security.

No description available

Practical guide and checklist for finding API vulnerabilities (OWASP API Top 10)

The Scoring API for the OpenRMF tool, lets you read stats on the status and category of STIG vulnerabilities. Also returns a score when passed the STIG checklist in a long raw string.

The AI Vulnerability Assessment Framework is an open-source checklist designed to guide GenAI developer through the process of assessing the vulnerability of artificial intelligence (AI) systems to various types of attacks and security threats.

checklist for testing invitation / team-member invite flows for business-logic vulnerabilities. Use this as a GitHub-ready checklist in your repo, penetration-testing notes, or bug bounty writeups. Each item includes: What to test → Quick test steps → PoC / Request template → Expected (bad) behavior → Impact → Mitigation.

A vulnerability assessment tool that automates bug hunting checklists for web targets

Cybersecurity checklists to perform vulnerabilities assessment, pentest, and other ethical hacking assessments.

Comprehensive cybersecurity audit toolkit: security assessment frameworks, penetration testing checklists, vulnerability assessment guides, and network security templates. By Petronella Technology Group.

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

A comprehensive security knowledge base for smart contract developers and auditors. Contains practical checklists, vulnerability patterns, and best practices covering DeFi protocols, ERC standards, governance, oracles, and cross-chain security.

Android-Pentesting & CheckList is a practical guide for Android security testing, providing a structured checklist, tools, and techniques for identifying vulnerabilities in Android applications.