h4ckdi's repositories
4-ZERO-3
403/401 Bypass Methods + Bash Automation + Your Support ;)
aemscan
Adobe Experience Manager Vulnerability Scanner
AlDente
macOS tool to limit maximum charging percentage
awesome-oneliner-bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.
bbht
A script to set up a quick Ubuntu 17.10 x64 box with tools I use.
byp4xx
Pyhton script for HTTP 40X responses bypassing. Features: Verb tampering, headers, #bugbountytips tricks and 2454 User-Agents.
Cheatsheet-God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Combined-Wordlists
A combined wordlists for files and directory discovery
constellationbrands.github.io
subdomain takeover
diodata
Tools, data, and contact lists relevant to The disclose.io Project.
Dorks-collections-list
List of Github repositories and articles with list of dorks for different search engines
Fast-Google-Dorks-Scan
The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.
fuxploider
File upload vulnerability scanner and exploitation tool.
Garud
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
getJS
A tool to fastly get all javascript sources/files
gitjacker
πͺ :octocat: Leak git repositories from misconfigured websites
gitleaks
Scan git repos (or files) for secrets using regex and entropy π
Grafana-CVE-2021-43798
Grafana Unauthorized arbitrary file reading vulnerability
js-beautify
Beautifier for javascript
karma_v2
β‘·β πππππ ππΈβ β’Ύ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
NBMiner
NVIDIA & AMD GPU Miner for ETH, RVN, GRIN, BEAM, CFX, AE, SERO
notify
Notify is a helper utility written in Go that allows you to post the output from any tool to Slack, Discord, and Telegram.
pagodo
pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
Resources
Resources for penetration testing and bug-bounty
sqlmap
Automatic SQL injection and database takeover tool
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
SwiftnessX
A cross-platform note-taking & target-tracking app for penetration testers.
XSStrike
Most advanced XSS scanner.