Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+1006.52%)
BugbountyguideBug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
Stars: ✭ 338 (+634.78%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (+1097.83%)
HettyHetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+7717.39%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+1567.39%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+821.74%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+1828.26%)
Bruteforce ListsSome files for bruteforcing certain things.
Stars: ✭ 320 (+595.65%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+1167.39%)
Go DorkThe fastest dork scanner written in Go.
Stars: ✭ 274 (+495.65%)
GospiderGospider - Fast web spider written in Go
Stars: ✭ 785 (+1606.52%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+1076.09%)
TakeoverA tool for testing subdomain takeover possibilities at a mass scale.
Stars: ✭ 28 (-39.13%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (+1547.83%)
DnsgenGenerates combination of domain names from the provided input.
Stars: ✭ 389 (+745.65%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+613.04%)
DomainedMulti Tool Subdomain Enumeration
Stars: ✭ 688 (+1395.65%)
Urlhuntera recon tool that allows searching on URLs that are exposed via shortener services
Stars: ✭ 934 (+1930.43%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (+1219.57%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (+534.78%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+1608.7%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+1126.09%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+2019.57%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+71441.3%)
ParamspiderMining parameters from dark corners of Web Archives
Stars: ✭ 781 (+1597.83%)
Learn365This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection
Stars: ✭ 525 (+1041.3%)
Legal Bug Bounty#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
Stars: ✭ 42 (-8.7%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+969.57%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+1552.17%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+828.26%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-41.3%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (+743.48%)
Bypass Firewalls By Dns HistoryFirewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Stars: ✭ 739 (+1506.52%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (+650%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+2119.57%)
BxssbXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (+619.57%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+1436.96%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+9034.78%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+1767.39%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+15652.17%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (+573.91%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+2017.39%)
Bugbounty CheatsheetA list of interesting payloads, tips and tricks for bug bounty hunters.
Stars: ✭ 3,644 (+7821.74%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+1300%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (+545.65%)
SubdomainizerA tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Stars: ✭ 915 (+1889.13%)
Assessment MindsetSecurity Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Stars: ✭ 608 (+1221.74%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (+2130.43%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+2121.74%)
BrutexAutomatically brute force all services running on a target.
Stars: ✭ 974 (+2017.39%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (+1619.57%)