Automated pentest framework for offensive security experts
Updated May 31, 2019
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesti…
Updated Nov 2, 2018
A list of interesting payloads, tips and tricks for bug bounty hunters.
Updated Mar 15, 2019
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
#49 opened 8 months ago by chackmate
Updated Jun 5, 2019
Automated NoSQL database enumeration and web application exploitation tool.
Updated May 29, 2019
Find exploits in local and online databases instantly
Updated Feb 1, 2019
Fully automated offensive security tool for reconnaissance and vulnerability scanning
Updated Jun 10, 2019
Security Tool to Look For Interesting Files in S3 Buckets
Updated Nov 16, 2018
Scan for open AWS S3 buckets and dump the contents
Updated Apr 30, 2019
Automatically brute force all services running on a target.
Updated Apr 16, 2019
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Updated Dec 13, 2017
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code a…
Updated May 23, 2019
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Updated Jan 28, 2019
Subdomain Takeover tool written in Go
Updated Feb 6, 2019
Penetration tests cases, resources and guidelines.
Updated Jun 14, 2019
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Updated Nov 8, 2018
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work …
Updated Oct 18, 2018
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Updated Jun 13, 2019
Multi Tool Subdomain Enumeration
Updated Jun 15, 2019
A Powerful Subdomain Takeover Tool
Updated Aug 30, 2018
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple wa…
Updated Jun 12, 2019
Updated May 16, 2019
Collection of small security tools created mostly in Python. CTFs, pentests and so on
Updated May 28, 2019
Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if t…
Updated May 23, 2019
Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Updated Dec 26, 2018
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Updated Jul 18, 2018
A big list of Android Hackerone disclosed reports and other resources.
Updated Nov 29, 2018
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob supp…
Updated Jun 11, 2019
Adhrit is an open source Android APK reversing and analysis tool that can help security researchers and CTF enthusias…
Updated Jun 3, 2019
Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Updated Oct 14, 2018