AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (+2.27%)
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
Stars: ✭ 47 (+6.82%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+568.18%)
sub404A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (+365.91%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+170.45%)
TokenBreakerJSON RSA to HMAC and None Algorithm Vulnerability POC
Stars: ✭ 51 (+15.91%)
magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+986.36%)
roboxtractorExtract endpoints marked as disallow in robots files to generate wordlists.
Stars: ✭ 40 (-9.09%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (+856.82%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+4075%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (+59.09%)
Bug-HuntingA Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.
Stars: ✭ 110 (+150%)
Bucket-FlawsBucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (-2.27%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+11029.55%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (+2231.82%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+279.55%)
PriestExtract server and IP address information from Browser SSRF
Stars: ✭ 13 (-70.45%)
HostPanicFind host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning
Stars: ✭ 23 (-47.73%)
swiss-bugbounty-programsList of bug bounty and coordinated vulnerability disclosure programs of companies/organisations in Switzerland
Stars: ✭ 25 (-43.18%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+7715.91%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-34.09%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+222.73%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+1056.82%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (+1279.55%)
fleexFleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.
Stars: ✭ 181 (+311.36%)
SubdomainizerA tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Stars: ✭ 915 (+1979.55%)
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (+222.73%)
hackarsenaltoolkitHacking arsenal. This script download the latest tools, wordlists, releases and install common hacking tools
Stars: ✭ 39 (-11.36%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+645.45%)
PassivehunterSubdomain discovery using the power of 'The Rapid7 Project Sonar datasets'
Stars: ✭ 83 (+88.64%)
DeadDNSDNS hijacking via dead records automation tool
Stars: ✭ 44 (+0%)
credcheckCredentials Checking Framework
Stars: ✭ 50 (+13.64%)
cf-checkCloudFlare Checker written in Go
Stars: ✭ 147 (+234.09%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+2613.64%)
Di.we.hRepositório com conteúdo sobre web hacking em português
Stars: ✭ 156 (+254.55%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-2.27%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (+179.55%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+16368.18%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (+331.82%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+3472.73%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (-25%)
DGFraud-TF2A Deep Graph-based Toolbox for Fraud Detection in TensorFlow 2.X
Stars: ✭ 84 (+90.91%)
ScanApiSubdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.
Stars: ✭ 34 (-22.73%)
ipsourcebypassThis Python script can be used to bypass IP source restrictions using HTTP headers.
Stars: ✭ 326 (+640.91%)
Black-ToolInstall the tools and start Attacking , black-tool v5.0 ! ⬛
Stars: ✭ 239 (+443.18%)
Awesome-HTTPRequestSmugglingA curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻
Stars: ✭ 97 (+120.45%)
minipwnerA script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
Stars: ✭ 53 (+20.45%)
Bugs-feedBug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
Stars: ✭ 90 (+104.55%)
Blind-SSRFNuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (+152.27%)