s3reconAmazon S3 bucket finder and crawler.
Stars: ✭ 111 (+753.85%)
ZenFind emails of Github users
Stars: ✭ 343 (+2538.46%)
Dns DiscoveryDNS-Discovery is a multithreaded subdomain bruteforcer.
Stars: ✭ 114 (+776.92%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+9207.69%)
sx🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+9646.15%)
osintDocker image for osint
Stars: ✭ 92 (+607.69%)
PandorasBoxSecurity tool to quickly audit Public Box files and folders.
Stars: ✭ 56 (+330.77%)
NatlasScaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.
Stars: ✭ 333 (+2461.54%)
ctfCTF programs and writeups
Stars: ✭ 22 (+69.23%)
XposedOrNotXposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.
Stars: ✭ 120 (+823.08%)
ReconnoteWeb Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters
Stars: ✭ 322 (+2376.92%)
CspGiven a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.
Stars: ✭ 89 (+584.62%)
CommandGenInterfaceSimple vueJS based command generator which I developed in order to learn vueJS a little bit more.
Stars: ✭ 17 (+30.77%)
Webhackersweapons⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 1,205 (+9169.23%)
Find-HardcodedYou can find hardcoded Api-Key,Secret,Token Etc..
Stars: ✭ 63 (+384.62%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (+376.92%)
ZileExtract API keys from file or url using by magic of python and regex.
Stars: ✭ 61 (+369.23%)
mailcatFind existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬
Stars: ✭ 219 (+1584.62%)
Differerdifferer finds how URLs are parsed by different languages in order to help bug hunters break filters
Stars: ✭ 56 (+330.77%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (+1838.46%)
fransReconScript will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated using Sublist3r.
Stars: ✭ 31 (+138.46%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+1969.23%)
PulsarNetwork footprint scanner platform. Discover domains and run your custom checks periodically.
Stars: ✭ 314 (+2315.38%)
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
Stars: ✭ 47 (+261.54%)
requests-ip-rotatorA Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
Stars: ✭ 323 (+2384.62%)
sharinganOffensive Security recon tool
Stars: ✭ 88 (+576.92%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+26846.15%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (+7792.31%)
PhoniaPhonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.
Stars: ✭ 221 (+1600%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+7761.54%)
HashExploitHashExpoit is Great Tool For Cracking Hash
Stars: ✭ 17 (+30.77%)
ArjunHTTP parameter discovery suite.
Stars: ✭ 2,792 (+21376.92%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+7400%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (+107.69%)
DiscoverCustom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Stars: ✭ 2,548 (+19500%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (+5984.62%)
ldap2jsonThe ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
Stars: ✭ 56 (+330.77%)
InventusInventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers.
Stars: ✭ 80 (+515.38%)
MeerkatA collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
Stars: ✭ 284 (+2084.62%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+5800%)
Whoishere.pyWIFI Client Detection - Identify people by assigning a name to a device performing a wireless probe request.
Stars: ✭ 182 (+1300%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (+5730.77%)
hack-pet🐰 Managing command snippets for hackers/bug bounty hunters. with pet.
Stars: ✭ 77 (+492.31%)
reFlutterFlutter Reverse Engineering Framework
Stars: ✭ 698 (+5269.23%)
KaliIntelligenceSuiteKali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (+346.15%)
WordlistsInfosec Wordlists
Stars: ✭ 271 (+1984.62%)
cookAn overpower wordlist generator, splitter, merger, finder, permutator, encoder, decoder.. Frustration killer. Customizable. The Wordlist Framework.
Stars: ✭ 385 (+2861.54%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (+415.38%)
Bugbounty Scansaquatone results for sites with bug bountys
Stars: ✭ 249 (+1815.38%)
Cc.pyExtracting URLs of a specific target based on the results of "commoncrawl.org"
Stars: ✭ 250 (+1823.08%)