ethicalhackingplayground

Bug-Bounty-Tools

The tools I have programmed to help me with bugbounty's

EvilPhisher

Social Media Phisher

fbkiller

Brute Forces A Facebook Account

GoogleDorkScanner.py

hakku

Hakku is a android take over tool using various deployment options.

burp-extensions

A collection of scripts to extend Burp Suite

documents.uber.com

fuzzdb

一个fuzzdb扩展库

native-mockups

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

S3Cruze

All-in-one AWS S3 bucket tool for pentesters.

sentrySSRF

Tool to searching sentry config on page or in javascript files and check blind SSRF

subdomaintakeover

WebPentestChecklist

Workflow for pentesting web applications.

ads.urbandictionary.com

Amass

In-depth DNS Enumeration and Network Mapping

anti-csrf

Full-Featured Anti-CSRF Library

Burp-API-Scripts

A collection of scripts used to interact with the Burp Rest API

chronicle

Public append-only ledger microservice built with Slim Framework

ctf-tools

Some setup scripts for security research tools.

eslint-github-bot

Plugin-based GitHub bot for ESLint

exploitdb

The official Exploit Database repository

gpg-mailer

GnuPG-encrypted emails made easy

halite

High-level cryptography interface powered by libsodium

myflaskapp

Python Flask app with authentication

Open-Redirect-Payloads

Open Redirect Payloads

pando.py

Filesystem dispatch + Simplates + Python = a nice web framework.

Probable-Wordlists

Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

Procedural-Planets

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.