bbhunter's repositories
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
authz0
🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URL and Role.
awesome-wasm-tools
😎 A curated list of awesome, language-agnostic WebAssembly tools
BurpSuiteGuiLibrary
Library for manipulating BurpSuites UI
Checklists
Pentesting checklists for various engagements
CodeArgos
Detect and watch for changes to Javascript files and scriptblocks of a target web app
companies-hiring-security-remote
This repo is meant to be a list of companies that hire security people full remote.
dnsline
Tool for making it easy to collect dns results from the CLI
dp_cryptomg
Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.
edge
Recon tool for cloud provider attribution.
find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Groovy and Scala projects)
fleex
Fleex allows you to create multiple VPS on cloud providers and use them to distribute your workload.
glorp
A CLI-based HTTP intercept and replay proxy
gowitness
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
hate_crack
A tool for automating cracking methodologies through Hashcat from the TrustedSec team.
ivre
Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Max
Maximizing BloodHound. Max is a good boy.
OneListForAll
Rockyou for web fuzzing
PCredz
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
Photon
Incredibly fast crawler designed for OSINT.
pimpmykali
Kali Linux Fixes for Newly Imported VM's
PoC_CVEs
PoC_CVEs
pyOracle2
A python-based padding oracle tool
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
security-apis
A collective list of public JSON APIs for use in security. Contributions welcome
self-taught-guide-to-cloud-computing
Self-taught guide to cloud computing.
ssh-audit
SSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
VAmPI
Vulnerable REST API with OWASP top 10 vulnerabilities for APIs