SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (-36.56%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (-43.87%)
HaliveA fast http and https prober, to check which URLs are alive
Stars: ✭ 47 (-96.53%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (-27.99%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (-52.44%)
Rfd CheckerRFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-95.86%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (-41.95%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (-47.78%)
DrishtiA fast HTTP Response status checker implemented in Python3
Stars: ✭ 46 (-96.6%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (-28.06%)
S3reverseThe format of various s3 buckets is convert in one format. for bugbounty and security testing.
Stars: ✭ 61 (-95.49%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-98.01%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-93.43%)
SubdomainizerA tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Stars: ✭ 915 (-32.42%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (-20.75%)
ParamspiderMining parameters from dark corners of Web Archives
Stars: ✭ 781 (-42.32%)
S3scannerScan for open AWS S3 buckets and dump the contents
Stars: ✭ 1,319 (-2.58%)
Bypass Firewalls By Dns HistoryFirewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
Stars: ✭ 739 (-45.42%)
Bug Bounty ResponsesA collection of response templates for invalid bug bounty reports.
Stars: ✭ 46 (-96.6%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+435.16%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (-11.82%)
Assessment MindsetSecurity Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Stars: ✭ 608 (-55.1%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (-24.59%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (-56.94%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-95.42%)
BrutexAutomatically brute force all services running on a target.
Stars: ✭ 974 (-28.06%)
Crlf Injection ScannerCommand line tool for testing CRLF injection on a list of domains.
Stars: ✭ 91 (-93.28%)
TakeoverA tool for testing subdomain takeover possibilities at a mass scale.
Stars: ✭ 28 (-97.93%)
ZileExtract API keys from file or url using by magic of python and regex.
Stars: ✭ 61 (-95.49%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (-34.49%)
Urlhuntera recon tool that allows searching on URLs that are exposed via shortener services
Stars: ✭ 934 (-31.02%)
Differerdifferer finds how URLs are parsed by different languages in order to help bug hunters break filters
Stars: ✭ 56 (-95.86%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (-41.58%)
CspGiven a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.
Stars: ✭ 89 (-93.43%)
GospiderGospider - Fast web spider written in Go
Stars: ✭ 785 (-42.02%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+563.29%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (-43.35%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (-44.02%)
Webhackersweapons⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 1,205 (-11%)
DomainedMulti Tool Subdomain Enumeration
Stars: ✭ 688 (-49.19%)
Pcwt Stars: ✭ 46 (-96.6%)
Aws ScannerScans a list of websites for Cloudfront or S3 Buckets
Stars: ✭ 93 (-93.13%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (-55.17%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (-24.22%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (-14.03%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (-24.52%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+0.22%)
Gf SecretsSecret and/ credential patterns used for gf.
Stars: ✭ 96 (-92.91%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (-2.81%)
FindsploitFind exploits in local and online databases instantly
Stars: ✭ 1,160 (-14.33%)
Legal Bug Bounty#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
Stars: ✭ 42 (-96.9%)