nuubiNuubi Tools (Information-ghatering|Scanner|Recon.)
Stars: ✭ 76 (+94.87%)
webapp-wordlistsThis repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
Stars: ✭ 306 (+684.62%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (+71.79%)
PackageBuilderPackageBuilder builds a simple command-line structure by SwiftPM.
Stars: ✭ 27 (-30.77%)
VoilaVoila is a domain-specific language launched through CLI tool for operating with files and directories in massive amounts in a fast & reliable way.
Stars: ✭ 78 (+100%)
vapivAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Stars: ✭ 674 (+1628.21%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (+1200%)
ldapconsoleThe ldapconsole script allows you to perform custom LDAP requests to a Windows domain.
Stars: ✭ 25 (-35.9%)
SubcertSubcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
Stars: ✭ 58 (+48.72%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+205.13%)
VulWebajuVulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.
Stars: ✭ 53 (+35.9%)
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
Stars: ✭ 47 (+20.51%)
PyStalkerPython script to see you what your friends are doing on Codeforces!
Stars: ✭ 12 (-69.23%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-38.46%)
recceDomain availbility checker
Stars: ✭ 30 (-23.08%)
requests-ip-rotatorA Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
Stars: ✭ 323 (+728.21%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-2.56%)
nozakiHTTP fuzzer engine security oriented
Stars: ✭ 37 (-5.13%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+3002.56%)
kube-scanKubernetes Scanner
Stars: ✭ 32 (-17.95%)
EagleMultithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (+117.95%)
hack-pet🐰 Managing command snippets for hackers/bug bounty hunters. with pet.
Stars: ✭ 77 (+97.44%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (+225.64%)
DeadDNSDNS hijacking via dead records automation tool
Stars: ✭ 44 (+12.82%)
hinjectHost Header Injection Checker
Stars: ✭ 64 (+64.1%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (+115.38%)
daily-commonspeak2commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. Please use it instead: https://github.com/assetnote/wordlists
Stars: ✭ 38 (-2.56%)
AndroidSecNotesAn actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentesters, reverse engineer, and redteamers.
Stars: ✭ 140 (+258.97%)
SubWalkerSimultaneously execute various subdomain enumeration tools and aggregate results.
Stars: ✭ 26 (-33.33%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-10.26%)
gwdomainssub domain wild card filtering tool
Stars: ✭ 38 (-2.56%)
fresh.pyAn efficient multi-threaded DNS resolver validator
Stars: ✭ 80 (+105.13%)
OffensiveCloudDistributionLeverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.
Stars: ✭ 86 (+120.51%)
authz0🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
Stars: ✭ 248 (+535.9%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+328.21%)
BugHunterNo description or website provided.
Stars: ✭ 23 (-41.03%)
ldap2jsonThe ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
Stars: ✭ 56 (+43.59%)
jsleaka Go code to detect leaks in JS files via regex patterns
Stars: ✭ 111 (+184.62%)
BugHunterIDPara pencari bug / celah kemanan bisa bergabung.
Stars: ✭ 72 (+84.62%)
T1tl3A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title
Stars: ✭ 14 (-64.1%)
PinaakA vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (+76.92%)
targetsA collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
Stars: ✭ 85 (+117.95%)
wifiqrCreate a QR code with your Wi-Fi login details
Stars: ✭ 207 (+430.77%)
osmedeus-workflowCommunity Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
Stars: ✭ 26 (-33.33%)
tictac⏰ Handy time manager for your daily tasks
Stars: ✭ 55 (+41.03%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (+707.69%)
ksubdomainSubdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
Stars: ✭ 320 (+720.51%)
PassivehunterSubdomain discovery using the power of 'The Rapid7 Project Sonar datasets'
Stars: ✭ 83 (+112.82%)
CommandGenInterfaceSimple vueJS based command generator which I developed in order to learn vueJS a little bit more.
Stars: ✭ 17 (-56.41%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (+979.49%)
SecurityExplainedSecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.
Stars: ✭ 301 (+671.79%)
openebsctl`openebsctl` is a kubectl plugin to manage OpenEBS storage components.
Stars: ✭ 23 (-41.03%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (+10.26%)
aneweranewer appends lines from stdin to a file if they don't already exist in the file. This is a rust version of https://github.com/tomnomnom/anew
Stars: ✭ 46 (+17.95%)