jhaddix

tbhm

The Bug Hunters Methodology

pentest-bookmarks

a collection of handy bookmarks

domain

Setup script for Regon-ng

awsScrape

A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.

KingOfBugBountyTips

SubreconGPT

CSPReconGO

HUNT

LinkFinder

A python script that finds endpoints in JavaScript files

sslScrape

SSLScrape | A scanning tool for scaping hostnames from SSL certificates.

can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

CloudBrute

Awesome cloud enumerator

amass

In-depth DNS Enumeration and Network Mapping

megplus

Automated reconnaissance wrapper — TomNomNom's meg on steroids.

nuclei-templates

Community curated list of template files for the nuclei engine to find security vulnerability and fingerprinting the targets.

sus_params

Amass-1

In-depth Attack Surface Mapping and Asset Discovery

asnrecon

ASN reconnaissance script

karma_v2

⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)

security-template

A static website template for security pages.

hackerone_wordlist

The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform

www-project-top-25-parameters

OWASP Foundation Web Respository

CloudRecon

disclose

Driving safety, simplicity, and standardization in vulnerability disclosure.

disclosure-policy

Open Source Responsible Disclosure Framework from Bugcrowd and CipherLaw

GraphRunner

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

meetup

⭐️ Repositorio oficial de Angular Medellín ⭐️

gungnir

CT Log Scanner

jhaddix

nowafpls

Burp Plugin to Bypass WAFs through the insertion of Junk Data