Saurabh Shinde's repositories
HowToHunt
Tutorials and things to do while hunting for vulnerabilities.
h1domains
HackerOne "in scope" domains
PayloadsAllTheThings
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
unimap
Scan only once by IP address and reduce scan times with Nmap for large amounts of data.
broxy
An HTTP/HTTPS intercept proxy written in Go.
VHostScan
A virtual host scanner that performs reverse lookups, can be used with pivot tools, and can detect catch-all scenarios and work around wildcards, aliases and dynamic default pages.
Gxss
Tool for checking reflecting Parameters in a URL.
Mind-Maps
Mind-Maps of Several Things
XSS-Payloads
List of XSS Vectors/Payloads
slackcat
A simple way of sending messages from the CLI output to your Slack with webhook.
hacks
A collection of hacks and one-off scripts
content-type-research
Content-Type Research
awesome-oneliner-bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.
CRLF-one-liner
A simple Bash one-liner that aims to automate CRLF vulnerability scanning.
pentesting-notes
Notes from OSCP, CTF, security adventures, etc...
XSRFProbe
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
AllThingsSSRF
This is a collection of writeups, cheatsheets, videos and books related to SSRF in one single location.
SourceWolf
Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥
LazyRecon
An automated approach to performing recon for bug bounty hunting and penetration testing.
Zin
A payload injector for bug bounties written in Go
grafana-ssrf
Authenticated SSRF in Grafana
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
S3Scanner
Scan for open AWS S3 buckets and dump the contents
portscan.sh
All in one port scanning script.
SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
venom
Auto Recon Bash Script