GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → gwen001 → github-endpoints

gwen001 / github-endpoints

Licence: MIT license
Find endpoints on GitHub.

Programming Languages

go
31211 projects - #10 most used programming language

Labels

githuburlspentestingbugbountysecurity-toolsendpoints

Projects that are alternatives of or similar to github-endpoints

gosint
Gosint is a distributed asset information collection and vulnerability scanning platform
Stars: ✭ 344 (+191.53%)
Mutual labels:  bugbounty
BugBountyHuntingScripts
I built some bash functions to help me while doing mundane and repetitive tasks using BBRF, Nuclei or other Bug bounty tool.
Stars: ✭ 160 (+35.59%)
Mutual labels:  bugbounty
VPS-Bug-Bounty-Tools
Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
Stars: ✭ 44 (-62.71%)
Mutual labels:  bugbounty
SourceWolf
Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥
Stars: ✭ 132 (+11.86%)
Mutual labels:  bugbounty
Bug-Hunting
A Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.
Stars: ✭ 110 (-6.78%)
Mutual labels:  bugbounty
ICU
An Extended, Modulair, Host Discovery Framework
Stars: ✭ 40 (-66.1%)
Mutual labels:  bugbounty
ras-fuzzer
RAS(RAndom Subdomain) Fuzzer
Stars: ✭ 42 (-64.41%)
Mutual labels:  bugbounty
Inventus
Inventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers.
Stars: ✭ 80 (-32.2%)
Mutual labels:  bugbounty
flydns
Related subdomains finder
Stars: ✭ 29 (-75.42%)
Mutual labels:  bugbounty
Jira-Lens
Fast and customizable vulnerability scanner For JIRA written in Python
Stars: ✭ 185 (+56.78%)
Mutual labels:  bugbounty
xssfinder
Toolset for detecting reflected xss in websites
Stars: ✭ 105 (-11.02%)
Mutual labels:  bugbounty
Bugs-feed
Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
Stars: ✭ 90 (-23.73%)
Mutual labels:  bugbounty
Awesome-HTTPRequestSmuggling
A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻
Stars: ✭ 97 (-17.8%)
Mutual labels:  bugbounty
tugarecon
Pentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+20.34%)
Mutual labels:  bugbounty
KaliIntelligenceSuite
Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (-50.85%)
Mutual labels:  bugbounty
gradejs
GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (+206.78%)
Mutual labels:  bugbounty
rejig
Turn your VPS into an attack box
Stars: ✭ 33 (-72.03%)
Mutual labels:  bugbounty
url-regex-safe
Regular expression matching for URL's. Maintained, safe, and browser-friendly version of url-regex. Resolves CVE-2020-7661 for Node.js servers.
Stars: ✭ 59 (-50%)
Mutual labels:  urls
magicRecon
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+305.08%)
Mutual labels:  bugbounty
Emissary
Send notifications on different channels such as Slack, Telegram, Discord etc.
Stars: ✭ 33 (-72.03%)
Mutual labels:  bugbounty
View All Similar Projects ➔

github-endpoints

Find endpoints on GitHub.

go badge MIT license badge twitter badge

Install

go install github.com/gwen001/github-endpoints@latest

or

git clone https://github.com/gwen001/github-endpoints
cd github-endpoints
go install

Usage

$ github-endpoints -h

Usage of github-endpoints:
  -all
    	displays urls of all other domains, default=false
  -d string
    	domain you are looking for (required)
  -e	extended mode, also look for <dummy>example.com
  -k	exit the program when all tokens have been disabled
  -o string
    	output file, default: <domain>.txt
  -r	display relative urls, default=false
  -raw
    	raw output
  -t string
    	github token (required), can be:
    	  • a single token
    	  • a list of tokens separated by comma
    	  • a file (.tokens) containing 1 token per line
    	if the options is not provided, the environment variable GITHUB_TOKEN is readed, it can be:
    	  • a single token
    	  • a list of tokens separated by comma

If you want to use multiple tokens, you better create a .tokens file in the executable directory with 1 token per line

token1
token2
...

or use an environment variable with tokens separated by comma:

export GITHUB_TOKEN=token1,token2...

Tokens are disabled when GitHub raises a rate limit alert, however they are re-enable 1mn later. You can disable that feature by using the option -k.

Todo

  • change the order of the extra searches ?
  • ?

Changelog

20/09/2022

  • fix regexp for subdomains

25/09/2020

  • quick mode added
  • tokens can be read from any file

23/09/2020

  • fixed an issue in the api call (params name)
  • added binary

10/08/2020

  • creation

Feel free to open an issue if you have any problem with the script.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].