aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-23.21%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (+191.07%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-48.21%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-57.14%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+3380.36%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+153.57%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (-41.07%)
T1tl3A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title
Stars: ✭ 14 (-75%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-37.5%)
Project BlackPentest/BugBounty progress control with scanning modules
Stars: ✭ 257 (+358.93%)
osmedeus-workflowCommunity Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
Stars: ✭ 26 (-53.57%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (+805.36%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (+50%)
Go DorkThe fastest dork scanner written in Go.
Stars: ✭ 274 (+389.29%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (+421.43%)
Legal Bug Bounty#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
Stars: ✭ 42 (-25%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (+357.14%)
Bugbounty CheatsheetA list of interesting payloads, tips and tricks for bug bounty hunters.
Stars: ✭ 3,644 (+6407.14%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (+471.43%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+1816.07%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+657.14%)
HershellHershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (+689.29%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+1639.29%)
gwdomainssub domain wild card filtering tool
Stars: ✭ 38 (-32.14%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+2060.71%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (+19.64%)
targetsA collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
Stars: ✭ 85 (+51.79%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+58666.07%)
SubcertSubcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
Stars: ✭ 58 (+3.57%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+778.57%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (+883.93%)
Bug Bounty ResponsesA collection of response templates for invalid bug bounty reports.
Stars: ✭ 46 (-17.86%)
LazyreconAn automated approach to performing recon for bug bounty hunting and penetration testing.
Stars: ✭ 282 (+403.57%)
MegplusAutomated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Stars: ✭ 268 (+378.57%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+1482.14%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (+378.57%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (+453.57%)
HettyHetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+6321.43%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+485.71%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (+91.07%)
PwndocPentest Report Generator
Stars: ✭ 417 (+644.64%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (+616.07%)
BugbountyguideBug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
Stars: ✭ 338 (+503.57%)
Learn365This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection
Stars: ✭ 525 (+837.5%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+808.93%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (+905.36%)
Awesome InfosecA curated list of awesome infosec courses and training resources.
Stars: ✭ 3,779 (+6648.21%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+12189.29%)
Assessment MindsetSecurity Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Stars: ✭ 608 (+985.71%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+12839.29%)
VuldashVulnerability Dashboard
Stars: ✭ 16 (-71.43%)
DomainedMulti Tool Subdomain Enumeration
Stars: ✭ 688 (+1128.57%)
Pcwt Stars: ✭ 46 (-17.86%)
ChashellChashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Stars: ✭ 742 (+1225%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+6533.93%)