CommixAutomated All-in-One OS Command Injection Exploitation Tool.
Stars: ✭ 3,016 (+1653.49%)
sub404A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (+19.19%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (+496.51%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (-34.3%)
GreconYour Google Recon is Now Automated
Stars: ✭ 119 (-30.81%)
FuxploiderFile upload vulnerability scanner and exploitation tool.
Stars: ✭ 1,997 (+1061.05%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-9.3%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-34.3%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1020.93%)
Nuclei TemplatesCommunity curated list of templates for the nuclei engine to find security vulnerabilities.
Stars: ✭ 1,354 (+687.21%)
GofingerprintGoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.
Stars: ✭ 120 (-30.23%)
Proof Of ConceptsA little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Stars: ✭ 148 (-13.95%)
HackeronedbThe unofficial HackerOne disclosure Timeline
Stars: ✭ 117 (-31.98%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-5.81%)
Dns DiscoveryDNS-Discovery is a multithreaded subdomain bruteforcer.
Stars: ✭ 114 (-33.72%)
AutosetupAuto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.
Stars: ✭ 140 (-18.6%)
DekstereconWeb Application recon automation
Stars: ✭ 109 (-36.63%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (-1.74%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-23.84%)
Awesome Bugbounty WriteupsA curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Stars: ✭ 2,429 (+1312.21%)
Aws ScannerScans a list of websites for Cloudfront or S3 Buckets
Stars: ✭ 93 (-45.93%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+968.02%)
Crlf Injection ScannerCommand line tool for testing CRLF injection on a list of domains.
Stars: ✭ 91 (-47.09%)
CspGiven a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.
Stars: ✭ 89 (-48.26%)
0l4bsCross-site scripting labs for web application security enthusiasts
Stars: ✭ 119 (-30.81%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+1421.51%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1033.14%)
CorsmeCross Origin Resource Sharing MisConfiguration Scanner
Stars: ✭ 118 (-31.4%)
Security CheckerA PHP dependency vulnerabilities scanner based on the Security Advisories Database.
Stars: ✭ 115 (-33.14%)
MobilehackersweaponsMobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 170 (-1.16%)
GxssA tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (-33.14%)
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (-17.44%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (-33.72%)
Jira ScanCVE-2017-9506 - SSRF
Stars: ✭ 159 (-7.56%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-18.6%)
UddupUrls de-duplication tool for better recon.
Stars: ✭ 103 (-40.12%)
Url TrackerChange monitoring app that checks the content of web pages in different periods.
Stars: ✭ 171 (-0.58%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+688.95%)
Wpscan V3THIS REPOSITORY HAS BEEN MOVED TO https://github.com/wpscanteam/wpscan USE THAT!!!
Stars: ✭ 132 (-23.26%)
Gf SecretsSecret and/ credential patterns used for gf.
Stars: ✭ 96 (-44.19%)
Di.we.hRepositório com conteúdo sobre web hacking em português
Stars: ✭ 156 (-9.3%)
S3scannerScan for open AWS S3 buckets and dump the contents
Stars: ✭ 1,319 (+666.86%)
Poc T渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
Stars: ✭ 1,722 (+901.16%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+665.12%)
Bountystrike ShPoor (rich?) man's bug bounty pipeline
Stars: ✭ 168 (-2.33%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-48.26%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-26.74%)
ApkleaksScanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+1473.84%)
SwiftnessA note-taking macOS app for penetration-testers.
Stars: ✭ 124 (-27.91%)
Webhackersweapons⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 1,205 (+600.58%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+594.19%)
M3m0M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 124 (-27.91%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+1244.19%)
Tools TbhmTools of "The Bug Hunters Methodology V2 by @jhaddix"
Stars: ✭ 171 (-0.58%)