Alganad

followers

following

stars

Ahmed's starred repositories

waymore

Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!

Language:PythonMIT148800

OffensiveNim

My experiments in weaponizing Nim (https://nim-lang.org/)

Language:NimBSD-2-Clause272000

xnLinkFinder

A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given target

Language:Python110300

keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

keyFinder

Keyfinder🔑 is a tool that let you find keys while surfing the web!

Language:HTMLMIT45300

fuzzuli

fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.

Language:GoMIT59700

rsa_sign2n

Deriving RSA public keys from message-signature pairs

Language:PythonGPL-3.021900

anew

A tool for adding new lines to files, skipping duplicates

Language:GoMIT124600

WordList

Language:PHP54300

XSStrike

Most advanced XSS scanner.

Language:PythonGPL-3.01279500

dnsReaper

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!

Language:PythonAGPL-3.0190800

bbot

A recursive internet scanner for hackers.

Language:PythonGPL-3.0382400

bbFuzzing.txt

KingOfBugBountyTips

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..

Language:Python406300

qsreplace

Accept URLs on stdin, replace all query string values with a user-supplied value

Language:GoMIT69400

SubOver

A Powerful Subdomain Takeover Tool

Language:GoBSD-2-Clause90900

subjack

Subdomain Takeover tool written in Go

Language:GoApache-2.0185100

ppfuzz

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

Language:RustMIT54900

kiterunner

Contextual Content Discovery Tool

Language:GoAGPL-3.0246300

trufflehog

Find and verify secrets

Language:GoAGPL-3.01411000

alterx

Fast and customizable subdomain wordlist generator using DSL

Language:GoMIT62700

MurMurHash

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Language:PythonMIT11100

GitTools

A repository with 3 tools for pwn'ing websites with .git repositories available

Language:ShellMIT375000

tplmap

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

Language:PythonGPL-3.0364900

HowToHunt

Collection of methodology and test case for various web vulnerabilities.

GPL-3.0562100

gmapsapiscanner

Language:PythonMIT85100

WAF-bypass-xss-payloads

XSS payloads for bypassing WAF. This repository is updating continuously.

dtd-finder

List DTDs and generate XXE payloads using those local DTDs.

Language:Kotlin58500

oxml_xxe

A tool for embedding XXE/XML exploits into different filetypes

Language:Ruby100700

viewgen

Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys

Language:PythonMIT57000