DekstereconWeb Application recon automation
Stars: ✭ 109 (-37.71%)
Aws ScannerScans a list of websites for Cloudfront or S3 Buckets
Stars: ✭ 93 (-46.86%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1001.71%)
GxssA tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (-34.29%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+565.14%)
Jira ScanCVE-2017-9506 - SSRF
Stars: ✭ 159 (-9.14%)
CspGiven a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.
Stars: ✭ 89 (-49.14%)
SwiftnessA note-taking macOS app for penetration-testers.
Stars: ✭ 124 (-29.14%)
HackeronedbThe unofficial HackerOne disclosure Timeline
Stars: ✭ 117 (-33.14%)
ZileExtract API keys from file or url using by magic of python and regex.
Stars: ✭ 61 (-65.14%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+1395.43%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-35.43%)
Nuclei TemplatesCommunity curated list of templates for the nuclei engine to find security vulnerabilities.
Stars: ✭ 1,354 (+673.71%)
AutosetupAuto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.
Stars: ✭ 140 (-20%)
MobilehackersweaponsMobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 170 (-2.86%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+949.71%)
Webhackersweapons⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 1,205 (+588.57%)
Di.we.hRepositório com conteúdo sobre web hacking em português
Stars: ✭ 156 (-10.86%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-64.57%)
GofingerprintGoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.
Stars: ✭ 120 (-31.43%)
CorsmeCross Origin Resource Sharing MisConfiguration Scanner
Stars: ✭ 118 (-32.57%)
Rfd CheckerRFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-68%)
Ssti Payloads🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (-14.29%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (-35.43%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-6.86%)
Dns DiscoveryDNS-Discovery is a multithreaded subdomain bruteforcer.
Stars: ✭ 114 (-34.86%)
Proof Of ConceptsA little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Stars: ✭ 148 (-15.43%)
Tools TbhmTools of "The Bug Hunters Methodology V2 by @jhaddix"
Stars: ✭ 171 (-2.29%)
UddupUrls de-duplication tool for better recon.
Stars: ✭ 103 (-41.14%)
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (-18.86%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+675.43%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-7.43%)
Gf SecretsSecret and/ credential patterns used for gf.
Stars: ✭ 96 (-45.14%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-20%)
S3scannerScan for open AWS S3 buckets and dump the contents
Stars: ✭ 1,319 (+653.71%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+652%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-25.14%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-49.14%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-10.86%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-28%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+582.29%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (-3.43%)
FindsploitFind exploits in local and online databases instantly
Stars: ✭ 1,160 (+562.86%)
0l4bsCross-site scripting labs for web application security enthusiasts
Stars: ✭ 119 (-32%)
S3reverseThe format of various s3 buckets is convert in one format. for bugbounty and security testing.
Stars: ✭ 61 (-65.14%)
Awesome Bugbounty WriteupsA curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Stars: ✭ 2,429 (+1288%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1013.71%)
TuktukTool for catching and logging different types of requests.
Stars: ✭ 174 (-0.57%)
Url TrackerChange monitoring app that checks the content of web pages in different periods.
Stars: ✭ 171 (-2.29%)
ApkleaksScanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+1446.86%)
GreconYour Google Recon is Now Automated
Stars: ✭ 119 (-32%)