termijackTermiJack surreptitiously hijacks standard streams (stdin, stdout, and/or stderr) from an already running process.
Stars: ✭ 166 (+260.87%)
nteePortable Unix shell command 'tee', with some extras - read from standard input and write to standard output and files
Stars: ✭ 22 (-52.17%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (+584.78%)
gwdomainssub domain wild card filtering tool
Stars: ✭ 38 (-17.39%)
Bucket-FlawsBucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (-6.52%)
SubcertSubcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
Stars: ✭ 58 (+26.09%)
daily-commonspeak2commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. Please use it instead: https://github.com/assetnote/wordlists
Stars: ✭ 38 (-17.39%)
DeadDNSDNS hijacking via dead records automation tool
Stars: ✭ 44 (-4.35%)
osmedeus-workflowCommunity Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
Stars: ✭ 26 (-43.48%)
vapivAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Stars: ✭ 674 (+1365.22%)
Jasmin-RansomwareJasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Stars: ✭ 84 (+82.61%)
nozakiHTTP fuzzer engine security oriented
Stars: ✭ 37 (-19.57%)
hinjectHost Header Injection Checker
Stars: ✭ 64 (+39.13%)
T1tl3A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title
Stars: ✭ 14 (-69.57%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (+176.09%)
SubWalkerSimultaneously execute various subdomain enumeration tools and aggregate results.
Stars: ✭ 26 (-43.48%)
Virtual-HostModified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (-17.39%)
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (+232.61%)
V8PowerPutting the power of an 8-cylinder engine under the hood of DOS batch files.
Stars: ✭ 30 (-34.78%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (+167.39%)
ksubdomainSubdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
Stars: ✭ 320 (+595.65%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (+52.17%)
requests-ip-rotatorA Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
Stars: ✭ 323 (+602.17%)
shaniaScan secrets from Continuous Integration Build Logs
Stars: ✭ 54 (+17.39%)
BugHunterIDPara pencari bug / celah kemanan bisa bergabung.
Stars: ✭ 72 (+56.52%)
PinaakA vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (+50%)
nuubiNuubi Tools (Information-ghatering|Scanner|Recon.)
Stars: ✭ 76 (+65.22%)
kube-scanKubernetes Scanner
Stars: ✭ 32 (-30.43%)
VulWebajuVulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.
Stars: ✭ 53 (+15.22%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+158.7%)
fresh.pyAn efficient multi-threaded DNS resolver validator
Stars: ✭ 80 (+73.91%)
envsensor-observer-pyPython Bluetooth low energy observer example for OMRON Environment Sensor (2JCIE-BL01)
Stars: ✭ 31 (-32.61%)
PassivehunterSubdomain discovery using the power of 'The Rapid7 Project Sonar datasets'
Stars: ✭ 83 (+80.43%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+2530.43%)
CommandGenInterfaceSimple vueJS based command generator which I developed in order to learn vueJS a little bit more.
Stars: ✭ 17 (-63.04%)
webapp-wordlistsThis repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
Stars: ✭ 306 (+565.22%)
smagShow Me A Graph - Command Line Graphing
Stars: ✭ 78 (+69.57%)
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
Stars: ✭ 47 (+2.17%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-2.17%)
recceDomain availbility checker
Stars: ✭ 30 (-34.78%)
ldapconsoleThe ldapconsole script allows you to perform custom LDAP requests to a Windows domain.
Stars: ✭ 25 (-45.65%)
AstraAstra is a tool to find URLs and secrets inside a webpage/files
Stars: ✭ 187 (+306.52%)
OffensiveCloudDistributionLeverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.
Stars: ✭ 86 (+86.96%)
evrySplit STDIN stream and execute specified command every N lines/seconds.
Stars: ✭ 61 (+32.61%)
gf-patternsCollection grep patterns for Tom Hudson a.k.a Tomnomnom tools namely gf
Stars: ✭ 27 (-41.3%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+263.04%)
goverviewgoverview - Get an overview of the list of URLs
Stars: ✭ 93 (+102.17%)
hack-pet🐰 Managing command snippets for hackers/bug bounty hunters. with pet.
Stars: ✭ 77 (+67.39%)
cukiniaA simple on-target system test framework for Linux
Stars: ✭ 24 (-47.83%)
ldap2jsonThe ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
Stars: ✭ 56 (+21.74%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (+82.61%)
BugHunterNo description or website provided.
Stars: ✭ 23 (-50%)