Bug-HuntingA Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.
Stars: ✭ 110 (-29.49%)
GreconYour Google Recon is Now Automated
Stars: ✭ 119 (-23.72%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (+29.49%)
Dumpall一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
Stars: ✭ 250 (+60.26%)
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
Stars: ✭ 47 (-69.87%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+88.46%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+173.72%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+273.72%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+665.38%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+391.67%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (-21.15%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-60.26%)
GofingerprintGoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.
Stars: ✭ 120 (-23.08%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+2104.49%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (+4.49%)
Jwt Hack🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)
Stars: ✭ 172 (+10.26%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-66.03%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (-55.13%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+348.08%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+587.82%)
Webhackersweapons⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 1,205 (+672.44%)
GoaltdnsA permutation generation tool written in golang
Stars: ✭ 119 (-23.72%)
NetwormPython network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-13.46%)
Shodan DorksDorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Stars: ✭ 118 (-24.36%)
N00bratRemote Administration Toolkit (or Trojan) for POSiX (Linux/Unix) system working as a Web Service
Stars: ✭ 148 (-5.13%)
OpenvehiclediagA rust based cross-platform ECU diagnostics and car hacking application, utilizing the passthru protocol
Stars: ✭ 135 (-13.46%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-25.64%)
Oscp AutomationA collection of personal scripts used in hacking excercises.
Stars: ✭ 118 (-24.36%)
HuntrVulnerability Database | huntr.dev
Stars: ✭ 136 (-12.82%)
CorsmeCross Origin Resource Sharing MisConfiguration Scanner
Stars: ✭ 118 (-24.36%)
Ssti Payloads🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (-3.85%)
Proof Of ConceptsA little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Stars: ✭ 148 (-5.13%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+1069.23%)
HackeronedbThe unofficial HackerOne disclosure Timeline
Stars: ✭ 117 (-25%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-25.64%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (-27.56%)
Mitmap📡 A python program to create a fake AP and sniff data.
Stars: ✭ 1,526 (+878.21%)
GxssA tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (-26.28%)
IntelspyPerform automated network reconnaissance scans
Stars: ✭ 134 (-14.1%)
Dns DiscoveryDNS-Discovery is a multithreaded subdomain bruteforcer.
Stars: ✭ 114 (-26.92%)
Awesome HackingAwesome hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+1055.13%)
ApkleaksScanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+1635.26%)
Privilege EscalationThis cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
Stars: ✭ 2,117 (+1257.05%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+989.74%)
Burp Send ToAdds a customizable "Send to..."-context-menu to your BurpSuite.
Stars: ✭ 114 (-26.92%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+1153.85%)
Dark Fantasy Hack ToolDDOS Tool: To take down small websites with HTTP FLOOD. Port scanner: To know the open ports of a site. FTP Password Cracker: To hack file system of websites.. Banner Grabber: To get the service or software running on a port. (After knowing the software running google for its vulnerabilities.) Web Spider: For gathering web application hacking information. Email scraper: To get all emails related to a webpage IMDB Rating: Easy way to access the movie database. Both .exe(compressed as zip) and .py versions are available in files.
Stars: ✭ 131 (-16.03%)
BrutemapLet's find someone's account
Stars: ✭ 113 (-27.56%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-27.56%)
DustcloudXiaomi Smart Home Device Reverse Engineering and Hacking
Stars: ✭ 1,907 (+1122.44%)
Blackphish🔱 [ Phishing Made Easy ] 🔱 (In Beta)
Stars: ✭ 133 (-14.74%)