Jubaer Alnazi's repositories
secret-regex-list
List of regex for scraping secret API keys and juicy information.
Jbin-website-secret-scraper
Jbin will gather all the URLs from the website and then it will try to expose the secret data from them such as API keys, API secrets, API tokens and many other juicy information.
Nuclei-and-Subfinder-API
Web API for nuclei and subfinder will help you automate your entire security testing workflow since you can host it anywhere and make it accessible.
SniffCon-Ultimate-Recon-Dashboard-For-Bug-Bounty-And-Pentesting
Sniffcon has a wide list of powerful online bug bounty tools which can be used to find security vulnerabilities.
Parameter-Reflect-Finder
Parameter-Reflect-Finder is a python based tool that helps you find reflected parameters which can have potential XSS or Open redirection vulnerabilities.
awesome-bugbounty-tools
A curated list of various bug bounty tools
Nuclei-BurpExtension
Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
faster-than-requests
Faster requests on Python 3
malicious-pdf
π Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active D
PoC-in-GitHub
π‘ PoC auto collect from GitHub. β οΈ Be careful Malware.
ssh-action
GitHub Actions for executing remote ssh commands.
top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. π‘οΈβοΈπ§
Web-Pentest-MindMap
Mindmap for Web Pentest engagement!
async-python
Shows how to use async requests vs requests
awesome-threat-detection
β¨ A curated list of awesome threat detection and hunting resources π΅οΈββοΈ
axiom
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
Chat-with-PDF-Chatbot
This Chatbot is an interactive app developed to assist users to interact with their PDF. It is built using Open Source Stack. No OpenAI is required.
crlfuzz
A fast tool to scan CRLF vulnerability written in Go
Forkify-JS
π A beautiful recipe search engine made with modern JavaScript features π. Powered by food2fork API π΄