SbIm

ExtractSubdomainFromFDNS

ExtractSubdomainFromFDNS, updating

SbIm.github.io

presonal blog

altdns

Generates permutations, alterations and mutations of subdomains and then resolves them

bass

Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers to your "resolver.txt"

bounty-domains

List of domains in scope for bug bounties (HackerOne, Bugcrowd, etc.)

bugbounty-cheatsheet

A list of interesting payloads, tips and tricks for bug bounty hunters.

chomp-scan

A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.

dj-on-discord

dj-on-discord, youtube, 网易云音乐

domain

Setup script for Regon-ng

domained

Multi Tool Subdomain Enumeration

exploit

Exploits and advisories

fuckcdn

全网扫描找出真实IP

fuzz.txt

Potentially dangerous files

Fuzzing101

hacks

A collection of hacks and one-off scripts

massdns

A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)

OneForAll

OneForAll是一款功能强大的子域收集工具

Ozy

Discord bot embedded with NetEase Music Api (从网易云播放的discord机器人)

pydictor

A powerful and useful hacker dictionary builder for a brute-force attack

qsreplace

Accept URLs on stdin, replace all query string values with a user-supplied value

reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

rengine

reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information.

SDBF

Smart DNS Brute Forcer

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

shuffledns

shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.

testdemo

just a demo http://176.122.130.161/helloworld

TZFE

a simple demo for 2048

unicollider

An elegant frontend to generate and detect possible Unicode transformation collisions.

w8fuckcdn

Get website IP address by scanning the entire net 通过扫描全网绕过CDN获取网站IP地址

xxe-ftp-server

xxe oob receive file via web and ftp server