1337 Wordlists for Bug Bounty Hunting

The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.

These are my checklists which I use during my hunting.

Subdomain Enumerator and Simple Crawler

Check subdomains for subdomain takeovers and other DNS tomfoolery

This repo contains different variants of Bug Bounty & Security & Pentest & Tech related Articles

Mind-Maps of Several Things

A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability

A Bash script to monitor the status of hosts. It allows you to add, remove, display, clean duplicate entries, and count unique IP addresses. Use long (--add, --clean) or short (a, c) command option…

Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).

Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts

PDF Files for Pentesting

This Repositories contains list of One Liners with Descriptions and Installation requirements

Scrape domain names from SSL certificates of arbitrary hosts

A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

🕵️‍♂️ All-in-one OSINT tool for analysing any website

A really fast http prober.

Reverse proxies cheatsheet

POC for CVE-2024-36991: This exploit will attempt to read Splunk /etc/passwd file.

[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻

Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!

GH-Takeover — GitHub Pages Sub-domain Takeover Automation!