GASTONE DERECK ALEX's repositories
30-days-of-code-in-Golang
30 days of code in Golang
AutomatedAttackRecon-RTV-nahamcon
Slides, documentation, and files from my workshop at nahamcon 23
awesome-censys-queries
A collection of fascinating and bizarre Censys Search Queries
awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
domscan
Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.
gip
Google IP Search Engine
go
The Go programming language
google-dorks
Useful Google Dorks for WebSecurity and Bug Bounty
Kyubi
A tool to discover and exploit Nginx alias traversal misconfiguration, the tool can bruteforce the URL path recursively to find out hidden files and directories.
malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
netlas-scripts
Several scripts are based on the Netlas.io search engine. They will allow you to carry out the reconnaissance phase before the pen test in a semi-automatic mode: collect all the domains and IP addresses associated with the target and save the responses received after contacting these hosts in HTML format. Over time, new scripts will appear here.
NetworkExploitation
Some tools for performing network attacks.
nipejs
Detects JavaScript leaks via regex patterns
One-Liners
A collection of awesome one-liners for bug bounty hunting.
OneForAll
OneForAll是一款功能强大的子域收集工具
rce-finder
A tool to find good RCE
RockYou2021.txt
RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
subbrute
A DNS meta-query spider that enumerates DNS records, and subdomains.
tbhm
The Bug Hunters Methodology
vhostawesome
vhost scanning
vuln-web-apps
A curated list of vulnerable web applications.
weaponised-XSS-payloads
XSS payloads designed to turn alert(1) into P1
webHunt
Web App bug hunting