IDK's repositories
Amass
In-depth Attack Surface Mapping and Asset Discovery
Arjun
HTTP parameter discovery suite.
BBTz
BBT - Bug Bounty Tools
Breacher
An advanced multithreaded admin panel finder written in python.
bruteforce-lists
Some files for bruteforcing certain things.
Bug-Bounty-Scripts
Script for Bug Bounty
JSFScan.sh
Automation for javascript recon in bug bounty.
byp4xx
Pyhton script for HTTP 40X responses bypassing. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials and fuzzing.
dirsearch
Web path scanner
dnsgen
Generates combination of domain names from the provided input.
Gf-Patterns
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
github-subdomains
Find subdomains on GitHub
hugo-theme-docdock
Declination of @matcornic Learn theme to Hugo
Javascript-Keylogger
Javascript-based keylogger
JSA
Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
JSScanner
Js File Scanner
LinkFinder
A python script that finds endpoints in JavaScript files
linux-exploit-suggester
Linux privilege escalation auditing tool
Open-Redirect-Payloads
Open Redirect Payloads
open-redirect-scanner
open redirect subdomains scanner
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
SecretFinder
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
Sn1per
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
SubOver
A Powerful Subdomain Takeover Tool
Web-Cache-Vulnerability-Scanner
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
wfuzz
Web application fuzzer
xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List