A collection of various awesome lists for hackers, pentesters and security researchers
Updated Feb 9, 2019
SubFinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework…
Subdomain Takeover tool written in Go
Updated Feb 6, 2019
A Powerful Subdomain Takeover Tool
Updated Aug 30, 2018
Collection of small security tools created mostly in Python. CTFs, pentests and so on
Updated Mar 13, 2019
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple wa…
Updated Feb 22, 2019
A cross-platform note-taking & target-tracking app for penetration testers.
Updated Jan 20, 2019
Updated Dec 26, 2018
Automatic Reconnaissance and Scanning in Penetration Testing
Updated Mar 9, 2019
Hawkeye filesystem analysis tool
Updated Jul 21, 2018
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new s…
Updated Mar 20, 2019
List of considerations for commerce site auditing and security teams. This is summary of action points and areas that…
Updated Nov 28, 2017
A web crawler (for bug hunting) that gathers more than you can imagine.
Updated Feb 2, 2019
A permutation generation tool written in golang
Updated Mar 16, 2019
Simple Server Side Request Forgery services enumeration tool.
Updated Aug 23, 2018
❄️ Research project for SubFinder core API V2
Audits performed by Solidified
Updated Feb 27, 2019
A python script designed to check if the website if vulnerable of clickjacking and create a poc
Updated Mar 3, 2017
(Unofficial) Ruby wrapper for the Bugcrowd HTTP API
Updated Feb 27, 2017
A private detective that gathers information you're not supposed to know about.
Updated Feb 1, 2019
A curated list of awesome infosec blog posts, courses, books and more!
Updated Oct 31, 2018
A comprehensive curated list of available Blockchain Bug Bounty Programs.
Updated Feb 22, 2019
Exploit XXE Out-Of-Band Vulnerability Easily
Updated Jul 28, 2016
Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer
Updated Mar 4, 2019
This is a simple tool to automate google hacking when doing web penetration testing or bug hunting.
Updated Oct 30, 2018
DNS resolver library allowing both DNS and DNS over HTTP
Updated Jul 12, 2018
Scans Subdomains and scans for a specific Port.
Updated Jul 29, 2018
List of domains in scope for bug bounties (HackerOne, Bugcrowd, etc.)
Updated Mar 7, 2019
Just Some Tips & Tricks for BB found on the Internet :D
Updated Jun 4, 2018
The raport about discovered bug in Google reCAPTCHA
Updated Aug 11, 2018