Shriram's repositories
OSCP-10
OSCP Guide
bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
waymore
Find way more from the Wayback Machine!
xnLinkFinder
A python tool used to discover endpoints for a given target
dismap
Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点
cvemon
Monitoring exploits & references for CVEs
EnterprisePurpleTeaming
Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.
KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
jadx
Dex to Java decompiler
Garud
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
gotator
Gotator is a tool to generate DNS wordlists through permutations.
nuclei-templates-1
Community curated list of templates for the nuclei engine to find security vulnerabilities.
nuclei-templates
Few templates which I developed for nuclei
Dorks-collections-list
List of Github repositories and articles with list of dorks for different search engines
sunlogin_rce
向日葵 RCE
Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
Blind-SSRF
Nuclei Templates to reproduce Cracking the lens's Research
OneForAll
OneForAll是一款功能强大的子域收集工具
Fast-Google-Dorks-Scan
The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.
bruteforce-lists
Some files for bruteforcing certain things.
Mind-Maps
Mind-Maps of Several Things
AdvancedKeyHacks
API Key/Token Exploitation Made easy.
privilege-escalation-awesome-scripts-suite
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
ThreatHunting_with_Osquery
Threat Hunting & Incident Investigation with Osquery
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
OSCP_xkyrage
simple template to use