Yotteryotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage
Stars: ✭ 118 (-32.57%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (-16.57%)
CorsmeCross Origin Resource Sharing MisConfiguration Scanner
Stars: ✭ 118 (-32.57%)
HackeronedbThe unofficial HackerOne disclosure Timeline
Stars: ✭ 117 (-33.14%)
Cloudflare Cors AnywhereCORS "anywhere" proxy in a Cloudflare worker. DEMO at: https://test.cors.workers.dev/
Stars: ✭ 162 (-7.43%)
Browser Preview🎢Preview html file in your default browser
Stars: ✭ 148 (-15.43%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-33.71%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (-35.43%)
Proof Of ConceptsA little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Stars: ✭ 148 (-15.43%)
GitmonitorOne way to continuously monitor sensitive information that could be exposed on Github
Stars: ✭ 115 (-34.29%)
GxssA tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (-34.29%)
Dns DiscoveryDNS-Discovery is a multithreaded subdomain bruteforcer.
Stars: ✭ 114 (-34.86%)
NelmiocorsbundleThe NelmioCorsBundle allows you to send Cross-Origin Resource Sharing
headers with ACL-style per-URL configuration.
Stars: ✭ 1,615 (+822.86%)
Sanic CorsA Sanic extension for handling Cross Origin Resource Sharing (CORS), making cross-origin AJAX possible. Based on flask-cors by Cory Dolphin.
Stars: ✭ 143 (-18.29%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-35.43%)
WorkersCloudflare Workers
Stars: ✭ 111 (-36.57%)
Tools TbhmTools of "The Bug Hunters Methodology V2 by @jhaddix"
Stars: ✭ 171 (-2.29%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-7.43%)
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (-18.86%)
Egg CorsCORS plugin for egg
Stars: ✭ 140 (-20%)
Cve 2019 7609exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts
Stars: ✭ 108 (-38.29%)
AlbatarAlbatar is a SQLi exploitation framework in Python
Stars: ✭ 108 (-38.29%)
StrikerStriker is an offensive information and vulnerability scanner.
Stars: ✭ 1,851 (+957.71%)
Gin CorsCross Origin Resource Sharing middleware for gin-gonic
Stars: ✭ 107 (-38.86%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-40%)
Gitlab rceRCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
Stars: ✭ 104 (-40.57%)
MobilehackersweaponsMobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 170 (-2.86%)
Jira ScanCVE-2017-9506 - SSRF
Stars: ✭ 159 (-9.14%)
QuiverQuiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-20%)
VailynA phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-41.14%)
WpreconWPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.
Stars: ✭ 135 (-22.86%)
Nuclei TemplatesCommunity curated list of templates for the nuclei engine to find security vulnerabilities.
Stars: ✭ 1,354 (+673.71%)
Typescript Restful StarterNode.js + ExpressJS + Joi + Typeorm + Typescript + JWT + ES2015 + Clustering + Tslint + Mocha + Chai
Stars: ✭ 97 (-44.57%)
Osint Tools👀 Some of my favorite OSINT tools.
Stars: ✭ 155 (-11.43%)
Apk Utilities🛠 Tools and scripts to manipulate Android APKs
Stars: ✭ 134 (-23.43%)
Gf SecretsSecret and/ credential patterns used for gf.
Stars: ✭ 96 (-45.14%)
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (-1.14%)
SiemSIEM Tactics, Techiques, and Procedures
Stars: ✭ 157 (-10.29%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 1,693 (+867.43%)
S3scannerScan for open AWS S3 buckets and dump the contents
Stars: ✭ 1,319 (+653.71%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1001.71%)
Cors Nowreverse proxy with CORS headers.
Stars: ✭ 93 (-46.86%)
Aws ScannerScans a list of websites for Cloudfront or S3 Buckets
Stars: ✭ 93 (-46.86%)
RescopeRescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.
Stars: ✭ 156 (-10.86%)
AutoenumAutomatic Service Enumeration Script
Stars: ✭ 134 (-23.43%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+652%)
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+644.57%)
Klik SocialmediawebsiteComplete PHP-based Login/Registration system, Profile system, Chat room, Forum system and Blog/Polls/Event Management System.
Stars: ✭ 129 (-26.29%)