magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+1305.88%)
doraFind exposed API keys based on RegEx and get exploitation methods for some of keys that are found
Stars: ✭ 229 (+573.53%)
cf-checkCloudFlare Checker written in Go
Stars: ✭ 147 (+332.35%)
LAZYPARIAHA tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (+255.88%)
credcheckCredentials Checking Framework
Stars: ✭ 50 (+47.06%)
DeadDNSDNS hijacking via dead records automation tool
Stars: ✭ 44 (+29.41%)
EagleMultithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (+150%)
BugHunterIDPara pencari bug / celah kemanan bisa bergabung.
Stars: ✭ 72 (+111.76%)
BugzeeSimple Script to install recommended Bug Bounty Hunting Tools In Your Linux Disto
Stars: ✭ 42 (+23.53%)
DomainkerBugBounty Tool
Stars: ✭ 40 (+17.65%)
Bounty Targets DataThis repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
Stars: ✭ 1,783 (+5144.12%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-8.82%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+4523.53%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (+105.88%)
hack-pet🐰 Managing command snippets for hackers/bug bounty hunters. with pet.
Stars: ✭ 77 (+126.47%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+3458.82%)
PassivehunterSubdomain discovery using the power of 'The Rapid7 Project Sonar datasets'
Stars: ✭ 83 (+144.12%)
sub404A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (+502.94%)
PriestExtract server and IP address information from Browser SSRF
Stars: ✭ 13 (-61.76%)
HowtohuntTutorials and Things to Do while Hunting Vulnerability.
Stars: ✭ 2,996 (+8711.76%)
BugHunterNo description or website provided.
Stars: ✭ 23 (-32.35%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (+32.35%)
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (+350%)
WDIRGood resources about web security that I have read.
Stars: ✭ 14 (-58.82%)
Bugsnag JsJavascript error handling tool for Bugsnag. Monitor and report JavaScript bugs & errors.
Stars: ✭ 625 (+1738.24%)
Bugsnag Node[DEPRECATED] Please upgrade to our Universal JS notifier "@bugsnag/js" • https://github.com/bugsnag/bugsnag-js
Stars: ✭ 48 (+41.18%)
discord-bugs-exploitsA Collection of Various Discord Bugs, Exploits, Un-Documented Parts of the Discord API, and Other Discord Related Miscellaneous Stuff.
Stars: ✭ 22 (-35.29%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (+1138.24%)
HashExploitHashExpoit is Great Tool For Cracking Hash
Stars: ✭ 17 (-50%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+7988.24%)
Awesome Bugbounty WriteupsA curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Stars: ✭ 2,429 (+7044.12%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (+232.35%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+391.18%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+1491.18%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+2905.88%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (+2129.41%)
inceptorTemplate-Driven AV/EDR Evasion Framework
Stars: ✭ 730 (+2047.06%)
Bugsnag GoAutomatic panic monitoring for Go and Go web frameworks, like negroni, gin, and revel
Stars: ✭ 155 (+355.88%)
JALSIJALSI - Just Another Lame Shellcode Injector
Stars: ✭ 29 (-14.71%)
hackarsenaltoolkitHacking arsenal. This script download the latest tools, wordlists, releases and install common hacking tools
Stars: ✭ 39 (+14.71%)
h1-searchTool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
Stars: ✭ 58 (+70.59%)
HackeronedbThe unofficial HackerOne disclosure Timeline
Stars: ✭ 117 (+244.12%)
InlineWhispers2Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
Stars: ✭ 156 (+358.82%)
massurlA simple tool that aims to efficiently and quickly parse the outputs of web scraping tools like gau
Stars: ✭ 14 (-58.82%)
palinka c2Just another useless C2 occupying space in some HDD somewhere.
Stars: ✭ 14 (-58.82%)
Bug-HuntingA Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.
Stars: ✭ 110 (+223.53%)
OctopusOctopus - Network Scan/Infos & Web Scan
Stars: ✭ 25 (-26.47%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (+5.88%)
Bugsnag PythonOfficial bugsnag error monitoring and error reporting for django, flask, tornado and other python apps.
Stars: ✭ 69 (+102.94%)
AlanFrameworkA C2 post-exploitation framework
Stars: ✭ 405 (+1091.18%)
VPS-Bug-Bounty-ToolsScript that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
Stars: ✭ 44 (+29.41%)
HostPanicFind host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning
Stars: ✭ 23 (-32.35%)
Android-LDoSNo description or website provided.
Stars: ✭ 15 (-55.88%)