janmasarik

resolvers

List of periodically validated public DNS resolvers

bugshop

low-hanging

Lightweight and extensible horizontal vulnerability scanner

bucketsperm

plz-secrets

resolvable

Merge outputs from multiple subdomain enumeration tools and resolve IPv4/6/CNAME addresses for it

xssable

A vulnerable blogging platform used to demonstrate XSS vulnerabilities.

gitleaks

Audit git repos for secrets 🔑

altdns

Generates permutations, alterations and mutations of subdomains and then resolves them

Amass

In-depth DNS Enumeration and Network Mapping

argo

Argo Workflows: Get stuff done with Kubernetes.

argo-events

Event-based dependency manager for Kubernetes.

aws-sdk-go

AWS SDK for the Go programming language.

can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

CloudScraper

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

connexion

Swagger/OpenAPI First framework for Python on top of Flask with automatic endpoint validation & OAuth2 support

docsearch-scraper

DocSearch - Scraper

dumb-password-rules

Shaming sites with dumb password rules.

examplenodejs

GCPBucketBrute

A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.

generate-bucketnames

git-url-parse

:v: A high level git url parser for common git providers.

handouts

materials we hand out

node-postgres

PostgreSQL client for node.js.

resolvers-data

S3Scanner

Scan for open AWS S3 buckets and dump the contents

second-order

Second-order subdomain takeover scanner

spaces-finder

A tool to hunt for publicly accessible DigitalOcean Spaces

subjack

Subdomain Takeover tool written in Go

www-chapter-czech-republic

OWASP Foundation Web Respository