Stars
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Reversino is a tool for finding subdomains from IP ranges or CIDR subnets.
PDF Files for Pentesting
The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widesprea…
A powerful bash script for massive XSS scanning leveraging Brute Logic's KNOXSS API
403/401 Bypass Methods + Bash Automation + Your Support ;)
Fetch all the URLs that the Wayback Machine knows about for a domain
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across …
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…
Nuclei (https://github.com/projectdiscovery/nuclei) templates for extracting juicy info from web pages
Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.
A next-generation crawling and spidering framework.
Here I gather all the resources about hacking that I find interesting
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …
Simple tool to gather domains from crt.sh using the organization name
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
A Fuzzer for OpenRedirect issues
Checklist of the most important security countermeasures when designing, testing, and releasing your API
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
Uncover forgotten secrets and bring them back to life, haunting security and operations teams.