0xJeti's starred repositories

Fuzzing101

A step-by-step fuzzing tutorial. A GitHub Security Lab initiative

ezXSS

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Language: PHP | License: MIT | Stargazers: 1842 | Issues: 54 | Issues: 123

mubeng

An incredibly fast proxy checker & IP rotator with ease.

Language: Go | License: Apache-2.0 | Stargazers: 1564 | Issues: 37 | Issues: 57

medusa

Binary instrumentation framework based on FRIDA

Language: Python | License: GPL-3.0 | Stargazers: 1515 | Issues: 45 | Issues: 44

graudit

grep rough audit - source code auditing tool

Language: Shell | License: GPL-3.0 | Stargazers: 1461 | Issues: 36 | Issues: 24

resolvers

The most exhaustive list of reliable DNS resolvers.

fuzzuli

fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.

Language: Go | License: MIT | Stargazers: 620 | Issues: 9 | Issues: 12

surf

Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.

haylxon

⚡ Blazing-fast tool to grab screenshots of your domain list right from terminal.

Language: Rust | License: MIT | Stargazers: 385 | Issues: 4 | Issues: 22

domloggerpp

A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

Language: JavaScript | License: GPL-3.0 | Stargazers: 370 | Issues: 5 | Issues: 17

graphql-wordlist

The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.

Language: TypeScript | License: AGPL-3.0 | Stargazers: 308 | Issues: 5 | Issues: 2

TInjA

TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines for eight different programming languages.

Language: Go | License: Apache-2.0 | Stargazers: 283 | Issues: 6 | Issues: 5

subdirectories-discover

Perfect wordlist for discovering directories and files on target site

Challenges_2022_Public

Files + Writeups for DownUnderCTF 2022 Challenges

Language: HTML | Stargazers: 244 | Issues: 13 | Issues: 0

gungnir

CT Log Scanner

Language: Go | License: MIT | Stargazers: 234 | Issues: 8 | Issues: 4

padre

Blazing fast, advanced Padding Oracle exploit

Language: Go | License: MIT | Stargazers: 229 | Issues: 4 | Issues: 7

Helios

Helios: Automated XSS Testing

sasori

Sasori is a dynamic web crawler powered by Puppeteer, designed for lightning-fast endpoint discovery.

Language: JavaScript | License: MIT | Stargazers: 120 | Issues: 4 | Issues: 26

server-side-prototype-pollution

A collection of Server-Side Prototype Pollution gadgets and exploits

Language: JavaScript | License: MIT | Stargazers: 114 | Issues: 4 | Issues: 1

VhostFinder

Identify virtual hosts by similarity comparison

wwwordlist

Wwwordlist is a wordlist generator for pentesters and bug bounty hunters. It extracts words from HTML, URLs, JS/HTTP/input variables, quoted texts in the text and mail files in order to generate wordlists.

Language: Python | License: MIT | Stargazers: 96 | Issues: 4 | Issues: 1

apkd

APK downloader from a few sources

Language: Python | License: MIT | Stargazers: 93 | Issues: 1 | Issues: 3

chunkloader

A Chrome/Firefox extension to retrieve and load React JavaScript chunks all at once for a wide range of JavaScript techs

Language: JavaScript | Stargazers: 55 | Issues: 0 | Issues: 0

ctf-vs-the-real-world

Informational Repository tracking times that real world bugs have come out of CTF challenges intentionally or otherwise

IISRecon

IIS shortname scanner + bruteforce

protobuf-decoder

A simple Google Protobuf Decoder for Burp

Language: Python | License: NOASSERTION | Stargazers: 42 | Issues: 2 | Issues: 0

open-asset-model

Asset definitions for an organization's external attack surface

Language: Go | License: Apache-2.0 | Stargazers: 35 | Issues: 2 | Issues: 5