Public Disclosed Bug Bounty Reports formated in markdown

A command-line utility designed to recursively spider webpages for URLs. It works by actively traversing websites - following links embedded in webpages, parsing resources like sitemaps and robots.…

A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact dire…

Python script for checking stream status for followed Twitch.tv channels

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

ELM327 Emulator for testing software interfacing OBDII via ELM327 adapter supporting multi-ECU simulation

The labs for my Udemy course (https://www.udemy.com/course/intro-to-bug-bounty-by-nahamsec)

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

A Python program to scrape secrets from GitHub through usage of a large repository of dorks.

Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.

The project aims at creating target-specific wordlists for any web application that you are testing.

A python script that finds endpoints in JavaScript files

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

Urls status code & content length checker

Web Application recon automation

Fast web fuzzer written in Go

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

OneForAll是一款功能强大的子域收集工具

Compilation of Resources from TCM's Windows Priv Esc Udemy Course

Ressources for bug bounty hunting

The Bug Hunters Methodology

Crawl website extract links

Yet another subdomain finder

Starter files, final projects, and FAQ for my Complete JavaScript course

Exploitation for XSS

Data from my Sunday streams

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based …

⭐ A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools and more.