Shirshakhtml

followers

following

stars

Independent

Shirshak Roy's starred repositories

webcopilot

An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

Language:ShellMIT104500

favihunter

Hunting assets on the internet using favicon hashes

Language:PythonMIT10500

Metasploit-Plugins

Plugins for Metasploit Framework

Language:Ruby42100

darkarmour

Windows AV Evasion

Language:PythonMIT73400

Mythic

A collaborative, multi-platform, red teaming framework

Language:JavaScriptNOASSERTION316700

SubDomainizer

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

Language:PythonMIT170900

unfurl

Pull out bits of URLs provided on stdin

Language:GoMIT105900

roboxtractor

Extract endpoints marked as disallow in robots files to generate wordlists.

Language:GoGPL-3.05300

CMSeeK

CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs

Language:PythonGPL-3.0230300

eyeballer

Convolutional neural network for analyzing pentest screenshots

Language:PythonGPL-3.0102300

readme-typing-svg

⚡ Dynamically generated, customizable SVG that gives the appearance of typing and deleting text for use on your profile page, repositories, or website.

Language:PHPMIT561200

github-subdomains

Find subdomains on GitHub.

Language:GoMIT65500

Offensive-Payloads

List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.

Language:PHP20900

subzy

Subdomain takeover vulnerability checker

Language:GoGPL-2.099000

unmap

Unpack a JavaScript Source Map back into filesystem structure

Language:JavaScript17200

ligolo-ng

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Language:GoGPL-3.0267500

40k-nuclei-templates

40,000+ Nuclei templates for security scanning and detection across diverse web applications and services

4-ZERO-3

403/401 Bypass Methods + Bash Automation + Your Support ;)

Language:ShellMIT113800

dnscan

Language:PythonGPL-3.0112000

linux-for-OSINT-21-day

In this repository you will find sample commands and test files for each day of the course "Linux for OSINT. A 21-day course for beginners".

Language:HTMLMIT42000

reverse-shell-generator

Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

Language:JavaScriptMIT295700

webpwn3r

WebPwn3r - Web Applications Security Scanner.

Language:PythonGPL-2.045300

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Language:GoMIT2011000

ghsec-jaeles-signatures

Signatures for jaeles scanner by @j3ssie

FUZZING

Collected fuzzing payloads from different resources

Language:Python9400

wafw00f

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Language:PythonBSD-3-Clause519600

Awesome-WAF

🔥 Web-application firewalls (WAFs) from security standpoint.

Language:PythonApache-2.0620700

subjack

Subdomain Takeover tool written in Go

Language:GoApache-2.0189300

gitleaks

Protect and discover secrets using Gitleaks 🔑

Language:GoMIT1752000

git-hound

Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.

Language:GoMIT118900