Who-AmI's repositories
DNS-Analysis-Server
Tools to assess DNS security.
GhostShell
Interactive shell to execute commands anonymously using Proxychains and Tor
afl-training
Exercises to learn how to fuzz with American Fuzzy Lop
bounty-targets
This project crawls bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) hourly and dumps them into the bounty-targets-data repo
byp4xx
40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...
CloudFlair
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
csprecon
Discover new target domains using Content Security Policy
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
dnsvalidator
Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.
domain-admin
Domain and SSL Cert monitor System. 域名SSL证书监测平台
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
Fuzzing101
An step by step fuzzing tutorial. A GitHub Security Lab initiative
fuzzuli
fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
garble
Obfuscate Go builds
jfscan
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.
navgix
navgix is a multi-threaded golang tool that will check for nginx alias traversal vulnerabilities
osmedeus
A Workflow Engine for Offensive Security
Packer-Fuzzer
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Priv8-Nuclei-Templates
My Priv8 Nuclei Templates
public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
recollapse
REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
rengine
reNgine is an automated reconnaissance framework for web application
sliver
Adversary Emulation Framework
terraform
Terraform enables you to safely and predictably create, change, and improve infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.