ringawy's repositories
CorsOne
CorsOne - CORS Misconfiguration Discovery Tool
gitools
shell script that automates the installation of essential bug bounty and web pentesting tools. It supports Linux and macOS
Corscan
Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts
back-me-up
This tool will check for Sensitive Data Leakage with some useful patterns/RegEx. The patterns are mostly targeted on waybackdata and filter everything accordingly.
Storm-Breaker
Social engineering tool [Access Webcam & Microphone & Location Finder] With {Py,JS,PHP}
nomore403
Tool to bypass 403/40X response codes.
magicRecon
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Arjun
HTTP parameter discovery suite.
Forbidden-Buster
A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas in the system. This code is made for security enthusiasts and professionals only. Use it at your own risk.
endext
EndExt is a .go tool for extracting all the possible endpoints from the JS files
chaos-client
Go client to communicate with Chaos DB API.
alterx
Fast and customizable subdomain wordlist generator using DSL
bugsffuf
Multithreading loop fuzzing with `ffuf` into your subdomains list with unique results
Dons
Dons Js Scanner is a sleek command-line tool that hunts for hidden treasures—API keys, credentials, and secrets—lurking in the JavaScript of websites. Its vibrant ASCII art logo welcomes users to a journey where it scans, reveals, and safeguards against potential security breaches.
feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
spyhunt
recon for bug hunters
Gsec
Web Security Scanner
dnsReaper
dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!
katana
A next-generation crawling and spidering framework.
shortscan
An IIS short filename enumeration tool
gf
A wrapper around grep, to help you grep for things
ars0n-framework
A Modern Framework for Bug Bounty Hunting
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
waymore
Find way more from the Wayback Machine!
bypass-403
A simple script just made for self use for bypassing 403
waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
forbidden
Bypass 4xx HTTP response status codes and more. Based on PycURL and Python Requests.