bbhunter's repositories
activity-trail-log
BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
agartha
a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation and more.
Checklists
Pentesting checklists for various engagements
crAPI
completely ridiculous API (crAPI)
developer-roadmap
Roadmap to becoming a web developer in 2021
dnsline
Tool for making it easy to collect dns results from the CLI
find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Groovy and Scala projects)
fleex
Fleex allows you to create multiple VPS on cloud providers and use them to distribute your workload.
fuzz.txt
Potentially dangerous files
go-ethereum
Official Go implementation of the Ethereum protocol
ivre
Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
jsoncrack.com
🔮 Seamlessly visualize your JSON data instantly into graphs; paste, import or fetch!
Max
Maximizing BloodHound. Max is a good boy.
Photon
Incredibly fast crawler designed for OSINT.
pimpmykali
Kali Linux Fixes for Newly Imported VM's
pyOracle2
A python-based padding oracle tool
reFlutter-1
Flutter Reverse Engineering Framework
security-apis
A collective list of public JSON APIs for use in security. Contributions welcome
security-tools
Collection of small security tools created mostly in Python. CTFs, pentests and so on
snapback
HTTP(s) Screenshots for Pen Testers Who Value Their Time
Spoofy
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
url-tracker
Change monitoring app that checks the content of web pages in different periods.
VAmPI
Vulnerable REST API with OWASP top 10 vulnerabilities for APIs
WEF
Wi-Fi Exploitation Framework