343 Open source projects that are alternatives of or similar to Jaeles Signatures

Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques

all manner of wordlists

You can find hardcoded Api-Key,Secret,Token Etc..

Unique wordlist generator of unique wordlists.

A collection of some of my scripts

Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

Hexrays Toolbox - Find code patterns within the Hexrays AST

Biu-framework🚀 Security Scan Framework For Enterprise Intranet Based Services(企业内网基础服务安全扫描框架)

aquatone results for sites with bug bountys

Extracting URLs of a specific target based on the results of "commoncrawl.org"

Awesome Writeups and POCs

Simple shell script for automated domain recognition with some tools

Community curated list of public bug bounty and responsible disclosure programs.

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.

A simple SSRF-testing sheriff written in Go

DNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.

An OSINT tool to find contacts in order to report security vulnerabilities.

Rockyou for web fuzzing

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

A passive subdomain finder

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

🎯 RFI/LFI Payload List

qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection

A tool to automate the boring process of APK recon

Decode All Bases - Base Scheme Decoder

Tutorials and Things to Do while Hunting Vulnerability.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

A tool to fastly get all javascript sources/files

Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Awesome Vulnerable Applications

XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

挖掘国内外漏洞平台必备的自动化捡钱赏金技巧，看了并去做了捡钱如喝水。

Tool for catching and logging different types of requests.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…