qran253's repositories
AllAboutBugBounty
All about bug websites (bypasses, payloads, and etc)
Asnlookup
Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Awesome-Asset-Discovery
List of Awesome Asset Discovery Resources
awesome-oneliner-bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.
awesome-shodan-queries
π A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/ π©βπ»
dtd-finder
List DTDs and generate XXE payloads using those local DTDs.
flydns
Related subdomains finder
frogy-subdomain-enumeration
My subdomain enumeration
HawkScan
Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x)
Lazy-FuzzZ
Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the false positives we obtain in those results. To solve this problem I created Lazy FuzzZ. It fuzzes all those urls, removes all false positives and sends only legitimate results to burpsuite.
monsoon
Fast HTTP enumerator
PENTESTING-BIBLE
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
pFuzz
pFuzz helps us to bypass web application firewall by using different methods at the same time.
php-jpeg-injector
Injects php payloads into jpeg images
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
RustScan
π€ The Modern Day Port Scanner π€
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
sifter
Sifter aims to be a fully loaded Op Centre for Pentesters
social-analyzer
API and Web App for analyzing & finding a person profile across 300+ social media websites (Detections are updated regularly)
Storm-Breaker
Tool social engineering [Access Webcam & Microphone & Os Password Grabber & Location Finder] With Ngrok
SubDomainizer
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Subrake
A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.
ugly-scripts
A collection of scripts for bug-bounty related stuff
urlprobe
Urls status code & content length checker
vajra
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
WebHackersWeapons
βοΈ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
wifi-password
Quickly fetch your WiFi password and if needed, generate a QR code of your WiFi to allow phones to easily connect
wsh
Web shell generator and command line interface.
Zin
A Payload Injector for bugbounties written in go