bbhunter's repositories
Fresh-Resolvers
List of Hourly Updated Fresh DNS resolvers
BugBountyHuntingScripts
I built some bash functions to help me while doing mundane and repetitive tasks using BBRF, Nuclei or other Bug bounty tool.
cdn
Compiles a list of major CDN and WAF subnets.
changedetection.io
changedetection.io - The best and simplest self-hosted free open source website change detection tracking, monitoring and notification service. An alternative to Visualping, Watchtower etc. Designed for simplicity - the main goal is to simply monitor which websites had a text change for free. Free Open source web page change detection
developer-roadmap
Roadmap to becoming a web developer in 2021
graphw00f
graphw00f is Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
jsql-injection
jSQL Injection is a Java application for automatic SQL database injection.
linWinPwn
linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks
mariana-trench
Our security focused static analysis tool for Android and Java applications.
ostorlab
Ostorlab is security scanning platform that enables running complex security scanning tasks involving multiple tools in an easy, scalable and distributed way.
owasp-mstg
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering.
PoC_CVEs
PoC_CVEs
remote-method-guesser
Tool for Java RMI enumeration and bruteforce of remote methods
resolvers-1
The most exhaustive list of reliable DNS resolvers.
retire.js
scanner detecting the use of JavaScript libraries with known vulnerabilities
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
simdjson
Parsing gigabytes of JSON per second
ssh-audit
SSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
tew
A quick ‘n dirty nmap parser written in Golang to convert nmap xml to IP:Port notation.
toolbox-pentest-web
Docker toolbox for pentest of web based application.
tsunami-security-scanner
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
vulnrepo
VULNRΞPO - is a free project designed to speed up the creation of IT Security vulnerability reports.
WhatTheHack
A collection of challenge based hack-a-thons including student guide, proctor guide, lecture presentations, sample/instructional code and templates.
wrongsecrets
Examples with how to not use secrets