SubdomainizerA tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Stars: ✭ 915 (+928.09%)
Bypass Firewalls By Dns HistoryFirewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Stars: ✭ 739 (+730.34%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+1048.31%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+896.63%)
Assessment MindsetSecurity Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Stars: ✭ 608 (+583.15%)
Pcwt Stars: ✭ 46 (-48.31%)
ParamspiderMining parameters from dark corners of Web Archives
Stars: ✭ 781 (+777.53%)
ZileExtract API keys from file or url using by magic of python and regex.
Stars: ✭ 61 (-31.46%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+8041.57%)
Express Securitynodejs + express security and performance boilerplate.
Stars: ✭ 37 (-58.43%)
TakeoverA tool for testing subdomain takeover possibilities at a mass scale.
Stars: ✭ 28 (-68.54%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+533.71%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+865.17%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-30.34%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+783.15%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (+1052.81%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+753.93%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+1241.57%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+694.38%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+623.6%)
Differerdifferer finds how URLs are parsed by different languages in order to help bug hunters break filters
Stars: ✭ 56 (-37.08%)
ZmonitorAzure Multi-subscription/tenant Monitoring Solution
Stars: ✭ 35 (-60.67%)
CspCommunicating Sequential Processes in JavaScript
Stars: ✭ 33 (-62.92%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (+519.1%)
HaliveA fast http and https prober, to check which URLs are alive
Stars: ✭ 47 (-47.19%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-69.66%)
FindsploitFind exploits in local and online databases instantly
Stars: ✭ 1,160 (+1203.37%)
GoodiesUseful stuff missing from .NET for example duck typing, CSP channels, caching, money, typed ids...
Stars: ✭ 11 (-87.64%)
Bug Bounty ResponsesA collection of response templates for invalid bug bounty reports.
Stars: ✭ 46 (-48.31%)
Urlhuntera recon tool that allows searching on URLs that are exposed via shortener services
Stars: ✭ 934 (+949.44%)
ChanPure C implementation of Go channels.
Stars: ✭ 1,208 (+1257.3%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (+788.76%)
DrishtiA fast HTTP Response status checker implemented in Python3
Stars: ✭ 46 (-48.31%)
GospiderGospider - Fast web spider written in Go
Stars: ✭ 785 (+782.02%)
S3reverseThe format of various s3 buckets is convert in one format. for bugbounty and security testing.
Stars: ✭ 61 (-31.46%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+761.8%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+1047.19%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (+751.69%)
So 5 5SObjectizer: it's all about in-process message dispatching!
Stars: ✭ 87 (-2.25%)
Legal Bug Bounty#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
Stars: ✭ 42 (-52.81%)
DomainedMulti Tool Subdomain Enumeration
Stars: ✭ 688 (+673.03%)
Rfd CheckerRFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-37.08%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+994.38%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (+582.02%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+1207.87%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+555.06%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+1105.62%)
BrutexAutomatically brute force all services running on a target.
Stars: ✭ 974 (+994.38%)
Webhackersweapons⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 1,205 (+1253.93%)
LibcspA concurrency C library 10x faster than Golang.
Stars: ✭ 1,160 (+1203.37%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+9991.01%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+995.51%)