gopinath6

Ghazi

Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab Will Replace Every GET or POST Parameters With Selected TAB in "Proxy" or "Repeater" TAB

akamai-arl-hack

Script to test open Akamai ARL vulnerability.

bruteforce-lists

Some files for bruteforcing certain things.

Burp-Issue-Poster

cors-missconfig-Exploitation-Demo

Demo for Exploiting CORS Miss configuration using XSS

CRLF-Injection-Scanner

Command line tool for testing CRLF injection on list of domains.

crlf-injector

cve-2019-19781

This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.

dnscan

eea.uberlisting

Extends the listing layouts capabilities of Plone

eosbet.github.io

eosbet.io

Fuzzing

Fuzzing Payloads to Assist in Web Application Testing.

github.github.io

h1passets

List HackerOne private program assets

hacker-checklist

Hacking with the power of checklists.

html-poc

Proof of concept code for client-side vulnerabilities

http-flooder

An experiment using goroutines and channels to create a simple HTTP flooder. Mixes GET, POST, PUT, PATCH, ... to one baseline URL.

http-socialpaymentsbv.github.io-

ohmybackup

Scan Victim Backup Directories & Backup Files

OneForAll

OneForAll是一款功能强大的子域收集工具

PENTOL

PENTOL - Pentester Toolkit for Fiddler2

socialpaymentsbv

socialpaymentsbv.github.io

SSTI

sub.sh

Online Subdomain Detect Script

wayback-machine-downloader

Download an entire website from the Wayback Machine.

waybackSqliScanner

xless

xssizer

The best tool to find and prove XSS flaws.