reewardius

bbFuzzing.txt

bugbounty-dorks

takeover

ffufPostprocessing

Golang tool which helps dropping the irrelevant entries from your ffuf result file.

patator

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

XSS-Freak

XSS-Freak is an xss scanner fully written in python3 from scratch. it is one of its kind since it crawls the website for all possible links and directories to expand its attack scope. then it searches them for inputs tags and then launches a bunch of xss payloads. if an inputs is not sanitized and vulnerable to xss attacks, the tool will discover it in seconds.

gourlex

Gourlex is a simple tool that can be used to extract URLs and paths from web pages.

Astra

Automated Security Testing For REST API's

datasploit

An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.

DRV3-Sharp

Tools for working with files from Danganronpa V3 for PC

form_finder

This script can be used to find html forms in the list of endpoints/urls.

Get-Shodan

The program allows to download large data from shodan quickly, simply and avoid errors.

HacApt

Package manager for hackers built by hackers

impacket

Impacket is a collection of Python classes for working with network protocols.

Katana

A Python Tool For google Hacking

knoxss-bulk-scan

Leakix

LeakLooker

Find open databases - Powered by Binaryedge.io

network-penetration

A comprehensive penetration testing toolkit based python

offensive-docker

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

pagodo

pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching

postleaks

Search for sensitive data in Postman public library.

recon

Enumerate a target Based off of Nmap Results

reewardius.github.io

SPartan

Frontpage and Sharepoint fingerprinting and attack tool.

SSRFmap

Automatic SSRF fuzzer and exploitation tool

truffleHog

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

XanXSS

A simple XSS finding tool

xray

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档