mud1t's starred repositories
31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
AllVideoPocsFromHackerOne
This script grab public report from hacker one and make some folders with poc videos
BurpSuite-For-Pentester
This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 solely and completely with "BurpSuite".
KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
rapiddns-extractor
Extract subdomains from rapiddns.io
threader3000
Multi-threaded Python Port Scanner with Nmap Integration
frida_setup
One-click installer for Frida and Burp certs for SSL Pinning bypass
api_wordlist
A wordlist of API names for web application assessments
snallygaster
Tool to scan for secret files on HTTP servers
SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
SCANNER-INURLBR
Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.
java-deserialization-exploits
A collection of curated Java Deserialization Exploits
VulnWebApp
Intentionally vulnerable web application
CrookedStyleSheets
Webpage tracking only using CSS (and no JS)
Java-Deserialization-Scanner
All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
HandyCollaborator
Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!
Popular-Site-Subdomains
A list of subdomains for some of the most popular sites on the internet