apkizerapkizer is a mass downloader for android applications for all available versions.
Stars: ✭ 40 (+25%)
Awesome-HTTPRequestSmugglingA curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻
Stars: ✭ 97 (+203.13%)
fdnssearchSwiftly search FDNS datasets from Rapid7 Open Data
Stars: ✭ 19 (-40.62%)
boxerBoxer: A fast directory bruteforce tool written in Python with concurrency.
Stars: ✭ 15 (-53.12%)
xssfinderToolset for detecting reflected xss in websites
Stars: ✭ 105 (+228.13%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (+118.75%)
KaliIntelligenceSuiteKali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (+81.25%)
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (+378.13%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-9.37%)
HostPanicFind host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning
Stars: ✭ 23 (-28.12%)
dontgo403Tool to bypass 40X response codes.
Stars: ✭ 457 (+1328.13%)
gradejsGradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (+1031.25%)
Jasmin-RansomwareJasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Stars: ✭ 84 (+162.5%)
SuperLibraryInformation Security Library
Stars: ✭ 60 (+87.5%)
Bucket-FlawsBucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (+34.38%)
InventusInventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers.
Stars: ✭ 80 (+150%)
shaniaScan secrets from Continuous Integration Build Logs
Stars: ✭ 54 (+68.75%)
Jira-LensFast and customizable vulnerability scanner For JIRA written in Python
Stars: ✭ 185 (+478.13%)
PassivehunterSubdomain discovery using the power of 'The Rapid7 Project Sonar datasets'
Stars: ✭ 83 (+159.38%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (+3.13%)
project-blackPentest/BugBounty progress control with scanning modules
Stars: ✭ 279 (+771.88%)
Bugs-feedBug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
Stars: ✭ 90 (+181.25%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+343.75%)
allsafeIntentionally vulnerable Android application.
Stars: ✭ 135 (+321.88%)
WhoEnumMass querying whois records
Stars: ✭ 24 (-25%)
ras-fuzzerRAS(RAndom Subdomain) Fuzzer
Stars: ✭ 42 (+31.25%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-3.12%)
Virtual-HostModified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (+18.75%)
bhedakA replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.
Stars: ✭ 77 (+140.63%)
gf-patternsCollection grep patterns for Tom Hudson a.k.a Tomnomnom tools namely gf
Stars: ✭ 27 (-15.62%)
micro-sentryTiny Sentry client with idiomatic wrapper for Angular
Stars: ✭ 100 (+212.5%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (+296.88%)
goverviewgoverview - Get an overview of the list of URLs
Stars: ✭ 93 (+190.63%)
magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+1393.75%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (+40.63%)
VPS-Bug-Bounty-ToolsScript that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
Stars: ✭ 44 (+37.5%)
EmissarySend notifications on different channels such as Slack, Telegram, Discord etc.
Stars: ✭ 33 (+3.13%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+271.88%)
ICUAn Extended, Modulair, Host Discovery Framework
Stars: ✭ 40 (+25%)
doraFind exposed API keys based on RegEx and get exploitation methods for some of keys that are found
Stars: ✭ 229 (+615.63%)
BugBountyHuntingScriptsI built some bash functions to help me while doing mundane and repetitive tasks using BBRF, Nuclei or other Bug bounty tool.
Stars: ✭ 160 (+400%)
Bug-HuntingA Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.
Stars: ✭ 110 (+243.75%)
BurpSQLTruncSannerMessy BurpSuite plugin for SQL Truncation vulnerabilities.
Stars: ✭ 53 (+65.63%)
roboxtractorExtract endpoints marked as disallow in robots files to generate wordlists.
Stars: ✭ 40 (+25%)
DeadDNSDNS hijacking via dead records automation tool
Stars: ✭ 44 (+37.5%)
SourceWolfAmazingly fast response crawler to find juicy stuff in the source code! 😎🔥
Stars: ✭ 132 (+312.5%)
request smugglerHttp request smuggling vulnerability scanner
Stars: ✭ 203 (+534.38%)
gosintGosint is a distributed asset information collection and vulnerability scanning platform
Stars: ✭ 344 (+975%)
AstraAstra is a tool to find URLs and secrets inside a webpage/files
Stars: ✭ 187 (+484.38%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (+550%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (+884.38%)
CommandGenInterfaceSimple vueJS based command generator which I developed in order to learn vueJS a little bit more.
Stars: ✭ 17 (-46.87%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (+284.38%)
ShadowCloneUnleash the power of cloud
Stars: ✭ 224 (+600%)