Blind-SSRFNuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (+192.11%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (+728.95%)
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (+302.63%)
EagleMultithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (+123.68%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+326.32%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (+1234.21%)
magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+1157.89%)
PriestExtract server and IP address information from Browser SSRF
Stars: ✭ 13 (-65.79%)
PinaakA vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (+81.58%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+1384.21%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (+344.74%)
requests-ip-rotatorA Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
Stars: ✭ 323 (+750%)
Bugs-feedBug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
Stars: ✭ 90 (+136.84%)
WDIRGood resources about web security that I have read.
Stars: ✭ 14 (-63.16%)
ObserverWard 0x727Cross platform community web fingerprint identification tool
Stars: ✭ 529 (+1292.11%)
nclnuclei framework scripts
Stars: ✭ 25 (-34.21%)
vulnerability-dbVulnerability database and package search for sources such as OSV, NVD, GitHub and npm.
Stars: ✭ 36 (-5.26%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (+84.21%)
plasma-dotfilesIn this repository I intend to keep configuration files that I deem important, in addition to the theme customizations that I make to have a consistent working environment.
Stars: ✭ 58 (+52.63%)
HostPanicFind host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning
Stars: ✭ 23 (-39.47%)
massh-enumOpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).
Stars: ✭ 136 (+257.89%)
CVE-2019-8449CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (+73.68%)
project-blackPentest/BugBounty progress control with scanning modules
Stars: ✭ 279 (+634.21%)
gf-patternsCollection grep patterns for Tom Hudson a.k.a Tomnomnom tools namely gf
Stars: ✭ 27 (-28.95%)
BurpSQLTruncSannerMessy BurpSuite plugin for SQL Truncation vulnerabilities.
Stars: ✭ 53 (+39.47%)
CJ2018-Final-CTFCyber Jawara 2018 Final - Attack & Defense CTF services environments based on Docker.
Stars: ✭ 58 (+52.63%)
goverviewgoverview - Get an overview of the list of URLs
Stars: ✭ 93 (+144.74%)
PocOrExp in Github聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
Stars: ✭ 544 (+1331.58%)
request smugglerHttp request smuggling vulnerability scanner
Stars: ✭ 203 (+434.21%)
shaniaScan secrets from Continuous Integration Build Logs
Stars: ✭ 54 (+42.11%)
allsafeIntentionally vulnerable Android application.
Stars: ✭ 135 (+255.26%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (+447.37%)
AstraAstra is a tool to find URLs and secrets inside a webpage/files
Stars: ✭ 187 (+392.11%)
exploitsSome personal exploits/pocs
Stars: ✭ 52 (+36.84%)
vacuumVacuum is a system-wide configuration file collector
Stars: ✭ 25 (-34.21%)
ShadowCloneUnleash the power of cloud
Stars: ✭ 224 (+489.47%)
WhoEnumMass querying whois records
Stars: ✭ 24 (-36.84%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (+231.58%)
Bucket-FlawsBucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (+13.16%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (+223.68%)
ssrf-vuls国光的手把手带你用 SSRF 打穿内网靶场源码
Stars: ✭ 235 (+518.42%)
autheliaInstructions and configuration files to deploy Authelia in Unraid OS using Docker + FreeIPA LDAP.
Stars: ✭ 116 (+205.26%)
dontgo403Tool to bypass 40X response codes.
Stars: ✭ 457 (+1102.63%)
i3Archivos de configuraciones de i3
Stars: ✭ 32 (-15.79%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-18.42%)
boxerBoxer: A fast directory bruteforce tool written in Python with concurrency.
Stars: ✭ 15 (-60.53%)
patton-cliThe knife of the Admin & Security auditor
Stars: ✭ 42 (+10.53%)
ssrf filterA ruby gem for defending against Server Side Request Forgery (SSRF) attacks
Stars: ✭ 68 (+78.95%)