Saurabh Shinde's repositories
Bug-Bounty-Toolz
BBT - Bug Bounty Tools
0x0p1n3r
0x0p1n3r is set of combination of other tools and one line scripts to find subdomains easily
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
API-endpoints
Api endpoints for web application penetration testing
AutoRecon
Simple shell script for automated domain recognition with some tools
byp4xx
Simple bash script to bypass "403 Forbidden" messages with well-known methods discussed in #bugbountytips
CloudBrute
Awesome cloud enumerator
crtfinder
Simple script tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com
degoogle
search Google and extract results directly. skip all the click-through links and other sketchiness
dmut
A tool to perform permutations, mutations and alteration of subdomains in golang.
drupwn
Drupal enumeration & exploitation tool
fuzz.txt
Potentially dangerous files
Garud
An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters.
headerssrfXD
Scan ssrf on headers. Inspired by the tool https://github.com/m4ll0k/Bug-Bounty-Toolz/blob/master/ssrf.py
JScanner
Javascript Scanner for Recon, Vulnerabilities, and Secrets
Lazy-FuzzZ
Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the false positives we obtain in those results. To solve this problem I created Lazy FuzzZ. It fuzzes all those urls, removes all false positives and sends only legitimate results to burpsuite.
OneListForAll
Rockyou for web fuzzing
Oralyzer
Open Redirection Analyzer
R3C0Nizer
R3C0Nizer is a noob friendly all in one web application scanner (updating).
reesolve
Tool to fetch A/AAAA IPv4/6 and CNAME records
resolvers
List of periodically validated public DNS resolvers
SEF
SEF is a Subdomain Enumeration Framework that covers passive, active & permuted enumeration
SSRFuck
Fire SSRF payloads everywhere
SuperTruder
A python3 intruder that gave me bounties, easy to use and as fast as fuff
ud-peep
Search for secrets inside user data attached to EC2 instances on multiple AWS accounts
wurl
A tool to test working urls.