Shriram's repositories
EnterprisePurpleTeaming
Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.
KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
AdvancedKeyHacks
API Key/Token Exploitation Made easy.
Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
Blind-SSRF
Nuclei Templates to reproduce Cracking the lens's Research
bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
bruteforce-lists
Some files for bruteforcing certain things.
cvemon
Monitoring exploits & references for CVEs
dismap
Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点
Dorks-collections-list
List of Github repositories and articles with list of dorks for different search engines
Fast-Google-Dorks-Scan
The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.
Garud
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
gotator
Gotator is a tool to generate DNS wordlists through permutations.
jadx
Dex to Java decompiler
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
Mind-Maps
Mind-Maps of Several Things
nuclei-templates
Few templates which I developed for nuclei
nuclei-templates-1
Community curated list of templates for the nuclei engine to find security vulnerabilities.
OneForAll
OneForAll是一款功能强大的子域收集工具
OSCP-10
OSCP Guide
OSCP_xkyrage
simple template to use
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
privilege-escalation-awesome-scripts-suite
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
sunlogin_rce
向日葵 RCE
ThreatHunting_with_Osquery
Threat Hunting & Incident Investigation with Osquery
waymore
Find way more from the Wayback Machine!
xnLinkFinder
A python tool used to discover endpoints for a given target