WpscanWPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites.
Stars: ✭ 6,244 (+2407.63%)
BurpSQLTruncSannerMessy BurpSuite plugin for SQL Truncation vulnerabilities.
Stars: ✭ 53 (-78.71%)
XrcrossXRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Stars: ✭ 175 (-29.72%)
request smugglerHttp request smuggling vulnerability scanner
Stars: ✭ 203 (-18.47%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+158.63%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (-16.47%)
CorsmeCross Origin Resource Sharing MisConfiguration Scanner
Stars: ✭ 118 (-52.61%)
WhoEnumMass querying whois records
Stars: ✭ 24 (-90.36%)
Assessment MindsetSecurity Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Stars: ✭ 608 (+144.18%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-87.55%)
AutoreconSimple shell script for automated domain recognition with some tools
Stars: ✭ 244 (-2.01%)
bhedakA replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.
Stars: ✭ 77 (-69.08%)
SuperLibraryInformation Security Library
Stars: ✭ 60 (-75.9%)
Rust Sia rusty `scanf` (`scan!`) and inverse of `print!` (`read!`)
Stars: ✭ 116 (-53.41%)
paperbaseOpen source document organizer with automatic OCR and full text search
Stars: ✭ 21 (-91.57%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+134.14%)
magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+91.97%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (+121.29%)
KaliIntelligenceSuiteKali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (-76.71%)
GxssA tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (-53.82%)
VPS-Bug-Bounty-ToolsScript that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
Stars: ✭ 44 (-82.33%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+13116.47%)
scanDeFi Scan, everything one-stop location for DeFi Blockchain. Powered by jellyfish & ocean network.
Stars: ✭ 31 (-87.55%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+1455.42%)
Awesome-HTTPRequestSmugglingA curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻
Stars: ✭ 97 (-61.04%)
Learn365This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection
Stars: ✭ 525 (+110.84%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (-86.75%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-54.62%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-88.35%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+97.59%)
Bug-HuntingA Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.
Stars: ✭ 110 (-55.82%)
TuktukTool for catching and logging different types of requests.
Stars: ✭ 174 (-30.12%)
roboxtractorExtract endpoints marked as disallow in robots files to generate wordlists.
Stars: ✭ 40 (-83.94%)
SourceWolfAmazingly fast response crawler to find juicy stuff in the source code! 😎🔥
Stars: ✭ 132 (-46.99%)
DekstereconWeb Application recon automation
Stars: ✭ 109 (-56.22%)
ksubdomainSubdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
Stars: ✭ 320 (+28.51%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+70.28%)
gosintGosint is a distributed asset information collection and vulnerability scanning platform
Stars: ✭ 344 (+38.15%)
ras-fuzzerRAS(RAndom Subdomain) Fuzzer
Stars: ✭ 42 (-83.13%)
DnsgenGenerates combination of domain names from the provided input.
Stars: ✭ 389 (+56.22%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+531.33%)
Nuclei TemplatesCommunity curated list of templates for the nuclei engine to find security vulnerabilities.
Stars: ✭ 1,354 (+443.78%)
ScanApiSubdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.
Stars: ✭ 34 (-86.35%)
LoopyA code generator for array-based code on CPUs and GPUs
Stars: ✭ 367 (+47.39%)
Blind-SSRFNuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (-55.42%)
Url TrackerChange monitoring app that checks the content of web pages in different periods.
Stars: ✭ 171 (-31.33%)
Whc scan高效强大扫描分析iOS和Android项目里没有使用的类Mac开源工具,清理项目垃圾类,让项目结构干净清爽,升级维护得心应手. Efficient and powerful scanning analysis iOS and Android project no classes used in Mac open source tools, cleaning rubbish class project, make project structure clean and relaxed, upgrade maintenance
Stars: ✭ 342 (+37.35%)
Cc.pyExtracting URLs of a specific target based on the results of "commoncrawl.org"
Stars: ✭ 250 (+0.4%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+1281.12%)
ChameleonCustomizable honeypots for monitoring network traffic, bots activities and username\password credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres and MySQL)
Stars: ✭ 230 (-7.63%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: ✭ 187 (-24.9%)
Zxinglite🔥 ZXing的精简版,优化扫码和生成二维码/条形码,内置闪光灯等功能。扫描风格支持:微信的线条样式,支付宝的网格样式。几句代码轻松拥有扫码功能 ,ZXingLite让集成更简单。(扫码识别速度快如微信)
Stars: ✭ 2,117 (+750.2%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (+312.05%)
hack-pet🐰 Managing command snippets for hackers/bug bounty hunters. with pet.
Stars: ✭ 77 (-69.08%)