bsysop

bsysop's repositories

blind-ssrf-chains

An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability

Apache-2.016 10

jwt-hack

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

Language:GoMIT3 10

Web-Cache-Vulnerability-Scanner

Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).

Language:GoNOASSERTION100

asvs

A simple web app that helps developers understand the ASVS requirements.

Language:HTMLMIT010

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain. Feel free to fork, and add your own tools.

Language:Shell010

awesome-cheatsheet

:beers: awesome cheatsheet

Language:PythonMIT010

awesome-industrial-control-system-security

A curated list of resources related to Industrial Control System (ICS) security.

Language:PythonApache-2.0010

Awesome-Red-Teaming

List of Awesome Red Teaming Resources

MIT010

awesome-web-security

🐶 A curated list of Web Security materials and resources.

010

burp-piper-custom-scripts

Custom scripts for the PIPER Burp extensions.

Language:PythonGPL-3.0010

ditto

A tool for IDN homograph attacks and detection.

Language:GoNOASSERTION010

extended-ssrf-search

Smart ssrf scanner using different methods like parameter brute forcing in post and get...

Language:Python010

feroxbuster

A fast, simple, recursive content discovery tool written in Rust.

Language:RustMIT010

ffuf

Fast web fuzzer written in Go

Language:GoMIT000

GitDorker

A Python program to scrape secrets from GitHub through usage of a large repository of dorks.

Language:Python010

h8mail

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

Language:PythonNOASSERTION010

httpie

As easy as /aitch-tee-tee-pie/ 🥧 Modern, user-friendly command-line HTTP client for the API era. JSON support, colors, sessions, downloads, plugins & more. https://twitter.com/httpie

Language:PythonBSD-3-Clause010

knary

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Language:GoGPL-3.0010

kubernetes-goat

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

Language:HTMLMIT010

OneListForAll

Rockyou for web fuzzing

Language:Shell010

PacketProxy

A local proxy written in Java

Language:JavaApache-2.0010

SecretScanner

Find secrets and passwords in container images and file systems

Language:GoMIT010

shell-bot

:robot: Telegram bot that executes commands and sends the live output

Language:JavaScriptGPL-3.0000

Sudomy

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Language:ShellMIT010

trivy

A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI

Language:GoApache-2.0010

uddup

Urls de-duplication tool for better recon.