michael1026

trashcompactor

inscope

param-sqli

paramfinderSlimmed

axiom

The dynamic infrastructure framework for anybody!

cachePoison

dnsgen

Generates combination of domain names from the provided input.

domain-crawl

ffuf

Fast web fuzzer written in Go

fleex

Fleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.

httprobe

Take a list of domains and probe for working HTTP and HTTPS servers

log4jcheck

michael1026.github.io

mywebappscripts

A collection of all the lists, scripts and techniques I use while doing web application penetration tests.

nuclei

Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.

nuclei-templates

Community curated list of template files for the nuclei engine

paramfinder

pathgen

pathminer

rawhttp

Raw HTTP client in Go for complete request control and customization.

reflector

Burp plugin able to find reflected XSS on page in real-time while browsing on site

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

sessionManager