samhaxr

followers

following

0

stars

United Kingdom

https://www.sulemanmalik.com

@sulemanmalik_3

Suleman Malik's repositories

can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

200

awesome-forensics

A curated list of awesome forensic analysis tools and resources

CC0-1.0100

blackhat-arsenal-tools

Official Black Hat Arsenal Security Tools Repository

GPL-3.0100

commix

Automated All-in-One OS command injection and exploitation tool.

Language:PythonNOASSERTION100

owtf

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient @owtfp http://owtf.org

Language:PythonBSD-3-Clause100

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Language:Python100

weevely3

Weaponized web shell

Language:PythonGPL-3.0100

wpscan

WPScan is a black box WordPress vulnerability scanner

Language:RubyNOASSERTION100

archaeologit

Archaeologit scans the history of a user's GitHub repositories for a given pattern to find sensitive things.

Language:ShellMIT000

awesome-threat-intelligence

A curated list of Awesome Threat Intelligence resources

Apache-2.0000

AwesomeXSS

Awesome XSS stuff

000

burplist

Language:Java000

ctf

CTF (Capture The Flag) writeups, code snippets, notes, scripts

Language:Python000

dirsearch

Web path scanner

Language:Python000

dotdotslash

Search for Directory Traversal Vulnerabilities

Language:PythonNOASSERTION000

gobuster

Directory/file & DNS busting tool written in Go

Language:GoApache-2.0000

hacker101

Hacker101

Language:RubyNOASSERTION000

jd-gui

A standalone Java Decompiler GUI

Language:GroovyGPL-3.0000

masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Language:CNOASSERTION000

Namechk

Osint tool based on namechk.com for checking usernames on more than 100 websites, forums and social networks.

Language:Shell000

nano

Nano is a family of PHP web shells which are code golfed for stealth.

Language:PHP000

php-malware-finder

Detect potentially malicious PHP files

Language:PHPLGPL-3.0000

psychoPATH

psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-searching payload generator, LFI mode, nix & windows support, single byte generator, payload export.

Language:JavaGPL-3.0000

s3-buckets-finder

Find aws s3 buckets and extract datas.

Language:PHP000

Sublist3r

Fast subdomains enumeration tool for penetration testers

Language:PythonGPL-2.0000

testssl.sh

Testing TLS/SSL encryption anywhere on any port

Language:ShellGPL-2.0000

theZoo

A repository of LIVE malwares for your own joy and pleasure

Language:Python000

tplmap

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

Language:PythonGPL-3.0000

truffleHog

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

Language:PythonGPL-2.0000

VHostScan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.

Language:PythonGPL-3.0000