Beast code in Giters

El Mehdi 's starred repositories

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Language:GoMIT19646 233 2356

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

Language:PythonCC-BY-SA-4.011558 424 1092

nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Language:JavaScriptMIT8909 198 1482

OneForAll

OneForAll是一款功能强大的子域收集工具

Language:PythonGPL-3.08093 103 320

android-security-awesome

A collection of android security related resources

Language:ShellApache-2.07993 429 42

keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

4813 106 63

AwesomeXSS

Awesome XSS stuff

Language:JavaScriptMIT4729 239 13

naabu

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

Language:GoMIT4570 69 335

KingOfBugBountyTips

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..

Language:Go4154 232 11

pentest-tools

A collection of custom security tools for quick needs.

Language:Python3108 109 13

Bug-bounty

Ressources for bug bounty hunting

1693 66 2

wordlists

Automated & Manual Wordlists provided by Assetnote

Language:CSSApache-2.01270 26 4

XSS-Payloads

List of XSS Vectors/Payloads

1154 420

bhg

Code samples for No Starch Press Black Hat Go

Language:JavaScriptMIT1114 47 19

leonids

A simple, fixed sidebar two columns Gatsby.js blog starter.

Language:JavaScriptMIT868 18 47

aem-hacker

Language:PythonMIT739 30 14

XSSTRON

Electron JS Browser To Find XSS Vulnerabilities Automatically

Language:JavaScriptGPL-3.0682 26 25

whonow

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

Language:JavaScriptMIT618 22 10

qsfuzz

qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.

Language:GoMIT294 7 12

bash_scripting

bash scripting thing!

Language:Shell182 5 1

h1passets

List HackerOne private program assets

Language:PythonMIT148 8 7

maravel-permissions

Because in the Maravelous univer every user deserves super power

Language:PHP141 70

dr_robot

This tool can be used to enumerate the subdomains associated with a company by aggregating the results of multiple OSINT (Open Source Intelligence) tools.

Language:PythonNOASSERTION140 13 41