GospiderGospider - Fast web spider written in Go
Stars: ✭ 785 (+3040%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (+708%)
hinjectHost Header Injection Checker
Stars: ✭ 64 (+156%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (+2932%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+10368%)
Jasmin-RansomwareJasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.
Stars: ✭ 84 (+236%)
T1tl3A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title
Stars: ✭ 14 (-44%)
swissretsA swiss real estate transaction standard
Stars: ✭ 21 (-16%)
Bugs-feedBug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
Stars: ✭ 90 (+260%)
Proof Of ConceptsA little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Stars: ✭ 148 (+492%)
DomainedMulti Tool Subdomain Enumeration
Stars: ✭ 688 (+2652%)
AxiomThe dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
Stars: ✭ 2,424 (+9596%)
quick-recon.pyDo some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-48%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+2156%)
gf-patternsCollection grep patterns for Tom Hudson a.k.a Tomnomnom tools namely gf
Stars: ✭ 27 (+8%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+131536%)
GoaltdnsA permutation generation tool written in golang
Stars: ✭ 119 (+376%)
Learn365This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection
Stars: ✭ 525 (+2000%)
daily-commonspeak2commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. Please use it instead: https://github.com/assetnote/wordlists
Stars: ✭ 38 (+52%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+1596%)
diotermsOpen-source vulnerability disclosure policy templates.
Stars: ✭ 48 (+92%)
AutosetupAuto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.
Stars: ✭ 140 (+460%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+16708%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+5448%)
goverviewgoverview - Get an overview of the list of URLs
Stars: ✭ 93 (+272%)
HettyHetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+14284%)
Ecommerce Website Security ChecklistList of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.
Stars: ✭ 98 (+292%)
SubWalkerSimultaneously execute various subdomain enumeration tools and aggregate results.
Stars: ✭ 26 (+4%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (+460%)
H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (+1068%)
Clickjacking TesterA python script designed to check if the website if vulnerable of clickjacking and create a poc
Stars: ✭ 72 (+188%)
SubzySubdomain takeover vulnerability checker
Stars: ✭ 287 (+1048%)
quant-jobs-zurichA list of companies of possible interest for mathematicians (or related) that are looking for a job in quantitative finance in Zurich.
Stars: ✭ 59 (+136%)
LazyreconAn automated approach to performing recon for bug bounty hunting and penetration testing.
Stars: ✭ 282 (+1028%)
SsrfmapSimple Server Side Request Forgery services enumeration tool.
Stars: ✭ 50 (+100%)
ResourcesNo description or website provided.
Stars: ✭ 38 (+52%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (+1160%)
xssfinderToolset for detecting reflected xss in websites
Stars: ✭ 105 (+320%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+7612%)
MegplusAutomated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Stars: ✭ 268 (+972%)
fdnssearchSwiftly search FDNS datasets from Rapid7 Open Data
Stars: ✭ 19 (-24%)
CommixAutomated All-in-One OS Command Injection Exploitation Tool.
Stars: ✭ 3,016 (+11964%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (+424%)
PriestExtract server and IP address information from Browser SSRF
Stars: ✭ 13 (-48%)
SourceWolfAmazingly fast response crawler to find juicy stuff in the source code! 😎🔥
Stars: ✭ 132 (+428%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+7248%)
SecurityExplainedSecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.
Stars: ✭ 301 (+1104%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+4740%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (+408%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (+404%)