BugHunterIDPara pencari bug / celah kemanan bisa bergabung.
Stars: ✭ 72 (-98.02%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-98.35%)
swiss-bugbounty-programsList of bug bounty and coordinated vulnerability disclosure programs of companies/organisations in Switzerland
Stars: ✭ 25 (-99.31%)
Jsonpjsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
Stars: ✭ 131 (-96.41%)
gf-patternsCollection grep patterns for Tom Hudson a.k.a Tomnomnom tools namely gf
Stars: ✭ 27 (-99.26%)
Gitlab WatchmanMonitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (-96.51%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (-66.79%)
TIWAPTotally Insecure Web Application Project (TIWAP)
Stars: ✭ 137 (-96.24%)
gosintGosint is a distributed asset information collection and vulnerability scanning platform
Stars: ✭ 344 (-90.56%)
GoaltdnsA permutation generation tool written in golang
Stars: ✭ 119 (-96.73%)
linkedinscraperLinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.
Stars: ✭ 22 (-99.4%)
nozakiHTTP fuzzer engine security oriented
Stars: ✭ 37 (-98.98%)
gradejsGradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (-90.07%)
Mitmap📡 A python program to create a fake AP and sniff data.
Stars: ✭ 1,526 (-58.12%)
VirtualsecconsAn ongoing list of virtual cybersecurity conferences.
Stars: ✭ 113 (-96.9%)
SSRF payload本脚本旨在生成各类畸形URL链接,进行探测使用的payload,尝试绕过服务端ssrf限制。
Stars: ✭ 28 (-99.23%)
NetsetOperational Security utility and automator.
Stars: ✭ 110 (-96.98%)
moonwalkCover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Stars: ✭ 544 (-85.07%)
SubtakeAutomatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
Stars: ✭ 104 (-97.15%)
FSEC-VMBackend logic implementation for Vulnerability Management System
Stars: ✭ 19 (-99.48%)
RoutersploitExploitation Framework for Embedded Devices
Stars: ✭ 9,866 (+170.75%)
ldapconsoleThe ldapconsole script allows you to perform custom LDAP requests to a Windows domain.
Stars: ✭ 25 (-99.31%)
GorshA Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Stars: ✭ 97 (-97.34%)
challengesSecurity challenges and CTFs created by the Penultimate team.
Stars: ✭ 13 (-99.64%)
PinaakA vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (-98.11%)
ras-fuzzerRAS(RAndom Subdomain) Fuzzer
Stars: ✭ 42 (-98.85%)
fleexFleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.
Stars: ✭ 181 (-95.03%)
Recon PipelineAn automated target reconnaissance pipeline.
Stars: ✭ 278 (-92.37%)
PriestExtract server and IP address information from Browser SSRF
Stars: ✭ 13 (-99.64%)
authz0🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
Stars: ✭ 248 (-93.19%)
PyIrisPyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.
Stars: ✭ 296 (-91.88%)
Cvebase.comcvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs
Stars: ✭ 88 (-97.59%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (-65.2%)
quick-recon.pyDo some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-99.64%)
MaliceVirusTotal Wanna Be - Now with 100% more Hipster
Stars: ✭ 1,253 (-65.61%)
flaskbombGZip HTTP Bombing in Python for everyone
Stars: ✭ 30 (-99.18%)
ksubdomainSubdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
Stars: ✭ 320 (-91.22%)
Infosec BadgesBadges for your GitHub tool presented at InfoSec Conference
Stars: ✭ 74 (-97.97%)
EDRHuntScan installed EDRs and AVs on Windows
Stars: ✭ 406 (-88.86%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (-6.94%)
Red Team Curation ListA list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-98.13%)
allsafeIntentionally vulnerable Android application.
Stars: ✭ 135 (-96.3%)
gitls🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline
Stars: ✭ 39 (-98.93%)
cpu-load-side-channelSide-channel file transfer between independent VMs or processes executed on the same physical host.
Stars: ✭ 45 (-98.77%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (-56.86%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (-91.93%)
Cyber-SecurityThis repository is used to store answers when resolving ctf challanges, how i came to that answer and the line of thought used to reach it.
Stars: ✭ 42 (-98.85%)
kube-scanKubernetes Scanner
Stars: ✭ 32 (-99.12%)
ScanApiSubdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.
Stars: ✭ 34 (-99.07%)
ipsourcebypassThis Python script can be used to bypass IP source restrictions using HTTP headers.
Stars: ✭ 326 (-91.05%)
Blind-SSRFNuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (-96.95%)
Open-source-tools-for-CTIPublic Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers
Stars: ✭ 91 (-97.5%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (-86.09%)