Bernad Satriani's repositories
w3af
w3af: web application attack and audit framework, the open source web vulnerability scanner.
bypass-firewalls-by-DNS-history
Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
bXSS
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
tokopedia_bajuwanita
Notebook berisi eksplorasi data hasil scraping dari Tokopedia dengan kata kunci "baju wanita"
HackerOneDB
The unofficial HackerOne disclosure Timeline
TokopediaScraper
Aplikasi yang digunakan untuk mengambil data produk sebuah toko
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Pentesting
Misc. Public Reports of Penetration Testing and Security Audits.
Arjun
Arjun is a python script for finding hidden GET & POST parameters.
fuxploider
File upload vulnerability scanner and exploitation tool.
tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
dirsearch
Web path scanner
HackBar
HackBar plugin for Burpsuite v1.0
Swiftness
A note-taking macOS app for penetration-testers.
facebook-comments-contest-snippet
Chrome snippet to extract in csv format all comments in a Facebook post and make a contest
altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
certasset
Takes ip range, Scan all open SSL Certs, Grab Cnames
git-standup
Recall what you did on the last working day. Psst! or be nosy and find what someone else in your team did ;-)
ig-monitoring
IG Monitoring - Free, self hosted Instagram Analytics and Stats
Instagram-API
Instagram's private API
firebase-instagram
Instagram clone with Firebase Cloud Firestore, Expo, and React Native
bot
An AutomationService for Instagram, GrowthHacking real Human Engagement
instagram-php-scraper
Instagram PHP Scraper. Get account information, photos, videos, stories and comments.
cc.py
Extracting URLs of a specific target based on the results of "commoncrawl.org"
SI9INTs-Wiki
This is a mirror of si9int.sh/wiki. Containing different tips and tricks which can be useful when hunting bugs
psychoPATH
psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-searching payload generator, LFI mode, nix & windows support, single byte generator, payload export.
SCANNER-INURLBR
Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.
watchdog
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
nano
Nano is a family of PHP web shells which are code golfed for stealth.
ScreenShooter
Convert your masscan/subdomain-scan results (80,443,8080) into screenshots for better analysis