bbhunter's repositories
thc-1001-tips-and-tricks
Various tips & tricks
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
free-for-dev
A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
alterx
Fast and customizable subdomain wordlist generator using DSL
bkcrack
Crack legacy zip encryption with Biham and Kocher's known plaintext attack.
bruteforce-lists
Some files for bruteforcing certain things.
bugBountyTemplates-1
List of reporting templates I have used since I started doing BBH.
Burp-Non-HTTP-Extension
Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.
Checklists
Pentesting checklists for various engagements
csprecon
Discover new target domains using Content Security Policy
ctf
CTF (Capture The Flag) writeups, code snippets, notes, scripts
ctfd-parser
A python script to dump all the challenges locally of a CTFd-based Capture the Flag.
cwe_checker
cwe_checker finds vulnerable patterns in binary executables
dictionaries
Misc dictionaries for directory/file enumeration, username enumeration, password dictionary/bruteforce attacks
ghorg
Quickly clone an entire org/users repositories into one directory - Supports GitHub, GitLab, Bitbucket, and more 🥚
graphtage
A semantic diff utility and library for tree-like files such as JSON, JSON5, XML, HTML, YAML, and CSV.
Information-Security-Tasks
This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
jpexs-decompiler
JPEXS Free Flash Decompiler
orgs-data
A mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations
Penetration-List
Penetration-List is the supplement for Tester. It contains Every single type of vulnerabilities Material used during Penetration Testing. The list includes Pyaloads, dorks, Fuzzing Materials, and many more. And We also provide theory Sections about every vulnerability in deep, So More Information about our theory sections, Visit our Medium profile.
PrivescCheck
Privilege Escalation Enumeration Script for Windows
Reverse-Engineering
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
RsaCtfTool
RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data
shellcheck
ShellCheck, a static analysis tool for shell scripts
theHarvester
E-mails, subdomains and names Harvester - OSINT
VulnerableApp-facade
VulnerableApp-facade is probably most modern lightweight distributed farm of Vulnerable Applications built for handling wide range of vulnerabilities across tech stacks.
Web-Cache-Vulnerability-Scanner
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
whack
Automagically generated wordlists