okaayfine's repositories
4-ZERO-3
403/401 Bypass Methods + Bash Automation + Your Support ;)
airCross
An attack tool capable of executing single-factor authentication attacks against the AirWatch MDM solution suite
Android-Security-Teryaagh
Android security guides, roadmap, docs, courses, write-ups, and teryaagh.
APKLab
Android Reverse-Engineering Workbench for VS Code
apkleaks
Scanning APK file for URIs, endpoints & secrets.
bbrf-client
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
burp-grahql-logger
Burp Suite extension to log GraphQL operations as a comment
conti-pentester-guide-leak
Leaked pentesting manuals given to Conti ransomware crooks
CVE-2019-0232
Vulnerability analysis and PoC for the Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (RCE)
dnstake
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
EJS-Exploit
Remote Code Execution EJS Web Applications using express-fileupload
Goblyn
Goblyn is a Python tool focused to enumeration and capture of website files metadata.
hakcsp
Return domains in CSP headers in http response
HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
HowToHunt
Tutorials and Things to Do while Hunting Vulnerability.
it-security-lecture
University lecture on "IT Security" as Open Educational Resources material
JSFScan.sh
Automation for javascript recon in bug bounty.
KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
lit-bb-hack-tools
Little Bug Bounty & Hacking Tools⚔️
malicious-pdf
Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator
mapcidr
Small utility program to perform multiple operations for a given subnet/CIDR ranges.
mihari
A framework for continuous OSINT based threat hunting
Python
All Algorithms implemented in Python
security-tools
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
trivy
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
uro
declutters url lists for crawling/pentesting
weird_proxies
Reverse proxies cheatsheet
x8
Hidden parameters discovery suite