Bug-HuntingA Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.
Stars: ✭ 110 (+378.26%)
HackeronedbThe unofficial HackerOne disclosure Timeline
Stars: ✭ 117 (+408.7%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+4343.48%)
XrcrossXRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Stars: ✭ 175 (+660.87%)
BugHunterIDPara pencari bug / celah kemanan bisa bergabung.
Stars: ✭ 72 (+213.04%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (+3195.65%)
vapivAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Stars: ✭ 674 (+2830.43%)
magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+1978.26%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (+34.78%)
hinjectHost Header Injection Checker
Stars: ✭ 64 (+178.26%)
OffensiveCloudDistributionLeverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.
Stars: ✭ 86 (+273.91%)
discord-bugs-exploitsA Collection of Various Discord Bugs, Exploits, Un-Documented Parts of the Discord API, and Other Discord Related Miscellaneous Stuff.
Stars: ✭ 22 (-4.35%)
pyenvdiff-libPython environment comparison tool
Stars: ✭ 23 (+0%)
VulWebajuVulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.
Stars: ✭ 53 (+130.43%)
ldap2jsonThe ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
Stars: ✭ 56 (+143.48%)
assign-one-project-github-actionAutomatically add an issue or pull request to specific GitHub Project(s) when you create and/or label them.
Stars: ✭ 140 (+508.7%)
nicks-cors-testSimple HTML & JS Tool to quickly test CORS locally.
Stars: ✭ 68 (+195.65%)
nozakiHTTP fuzzer engine security oriented
Stars: ✭ 37 (+60.87%)
ksubdomainSubdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
Stars: ✭ 320 (+1291.3%)
ticker-phoenixElixir Phoenix Stock Quotes API (IEX Trading)
Stars: ✭ 15 (-34.78%)
PinaakA vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (+200%)
devratingA tool that suggests minimal PR size for contributors
Stars: ✭ 19 (-17.39%)
create-fastify-appAn utility that help you to generate or add plugin to your Fastify project
Stars: ✭ 53 (+130.43%)
OnceBuilderOnceBuilder - managment tool, mange projects, templates, plugins in one place.
Stars: ✭ 18 (-21.74%)
SQLGitHub💻 SQLGitHub — Managing GitHub organization made easier
Stars: ✭ 34 (+47.83%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+626.09%)
barmateModern and intuitive POS web application written with the Laravel framework
Stars: ✭ 13 (-43.48%)
requests-ip-rotatorA Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
Stars: ✭ 323 (+1304.35%)
osmedeus-workflowCommunity Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
Stars: ✭ 26 (+13.04%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (+191.3%)
daily-commonspeak2commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. Please use it instead: https://github.com/assetnote/wordlists
Stars: ✭ 38 (+65.22%)
consoleHAL management console
Stars: ✭ 41 (+78.26%)
kube-scanKubernetes Scanner
Stars: ✭ 32 (+39.13%)
opensource-management-portalMicrosoft's monolithic GitHub Management Portal enabling enterprise scale self-service powered by the GitHub API 🏔🧑💻🧰
Stars: ✭ 369 (+1504.35%)
teaful🍵 Tiny, easy and powerful React state management
Stars: ✭ 638 (+2673.91%)
T1tl3A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title
Stars: ✭ 14 (-39.13%)
SubcertSubcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
Stars: ✭ 58 (+152.17%)
remote-virtualbox🍰 Little package to do simple things with VirtualBox remotely using it's SOAP API
Stars: ✭ 18 (-21.74%)
node-cors-clientA test application that helps illustrate CORS while both in a working state and a non-working state across simple and complex request scenarios.
Stars: ✭ 53 (+130.43%)
hawtio-integrationCore integration plugins for Hawtio: Apache ActiveMQ, Camel, Karaf, OSGi, and Spring Boot
Stars: ✭ 26 (+13.04%)
pm-idmIDM project management repository
Stars: ✭ 59 (+156.52%)
hack-pet🐰 Managing command snippets for hackers/bug bounty hunters. with pet.
Stars: ✭ 77 (+234.78%)
SubWalkerSimultaneously execute various subdomain enumeration tools and aggregate results.
Stars: ✭ 26 (+13.04%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+417.39%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (+1269.57%)
webapp-wordlistsThis repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
Stars: ✭ 306 (+1230.43%)
massurlA simple tool that aims to efficiently and quickly parse the outputs of web scraping tools like gau
Stars: ✭ 14 (-39.13%)
roxy-wiWeb interface for managing Haproxy, Nginx, Apache and Keepalived servers
Stars: ✭ 1,109 (+4721.74%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (+1730.43%)
gwdomainssub domain wild card filtering tool
Stars: ✭ 38 (+65.22%)