allisone's repositories
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
DomLink
A tool to link a domain with registered organisation names and emails, to other domains.
cheat.sh
the only cheat sheet you need
git-all-secrets
A tool to capture all the git secrets by leveraging multiple open source git searching tools
sqlmap
Automatic SQL injection and database takeover tool
vuLnDAP
A vulnerable LDAP based web app written in Golang
bugcrowd_university
Open source education content for the researcher community
XSStrike
XSS Scanner equipped with powerful fuzzing engine & intelligent payload generator
EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
Aron
Aron is a GO script for finding hidden GET & POST parameters
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
retire.js
scanner detecting the use of JavaScript libraries with known vulnerabilities
Sublist3r
Fast subdomains enumeration tool for penetration testers
SubOver
A Powerful Subdomain Takeover Tool
2ndOrder
Chrome extension to inspect and find domains that don't resolve or have expired
cloudgoat
Rhino Security Labs' "Vulnerable by Design" AWS infrastructure setup tool
goaltdns
A permutation generation tool written in golang
subjack
Hostile Subdomain Takeover tool written in Go
pureblood
A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
burp-rest-api
REST/JSON API to the Burp Suite security tool.
assetnote-poc
(Proof of concept) push notifications for passive DNS data
masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
smith
Simple wrapper for meg that sieves through meg's output for you.
Photon
Incredibly fast crawler which extracts urls, emails, files, website accounts and much more.
ScanCannon
Combines the speed of masscan with the reliability and detailed enumeration of nmap
XssPy
XssPy - Web Application XSS Scanner
meg
Fetch many paths for many hosts - without killing the hosts