shebi's repositories
auto.sh
This script is (Mainly) for Beginner's
AWE-OSEE-Prep
Advanced Windows Exploitation/Offensive Security Exploitation Expert (OSEE) Preparation
BurpSuite-collections
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
Collabfiltrator
Exfiltrate blind remote code execution output over DNS via Burp Collaborator.
ffuf
Fast web fuzzer written in Go
ffufplus
You can read the writeup on this script here
gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Hacking-Security-Ebooks
Top 100 Hacking & Security E-Books (Free Download)
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
MobileHackersWeapons
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
nuclei-templates
Community curated list of template files for the nuclei engine to find security vulnerability and fingerprinting the targets.
oxml_xxe
A tool for embedding XXE exploits into OXML documents
postMessage-tracker
A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
reflector
Burp plugin able to find reflected XSS on page in real-time while browsing on site
Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
S3-Uploads
The WordPress Plugin to Store Uploads on Amazon S3
security
Collection of scripts to test your website against vulnerabilities.
swagger
swagger ui xss
top10webseclist
Top Ten Web Hacking Techniques List
TProxer
A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.
Trishul
Burp Extension written in Jython to hunt for common vulnerabilities found in websites. Developed by Gaurav Narwani to help people find vulnerabilities and teach how to exploit them.
vajra
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.