SGT's repositories
avatarify-python
Avatars for Zoom, Skype and other video-conferencing apps.
AvillaForensics
Avilla Forensics 3.0
awesome-api-security
A collection of awesome API Security tools and resources.
badsecrets
A library for detecting known secrets across many web frameworks
bbrf-client
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
bbrf-server
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
BBTz
BBT - Bug Bounty Tools (examplesđź’ˇ)
botpress
The open-source hub to build & deploy GPT/LLM Agents ⚡️
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
disable-flutter-tls-verification
A Frida script that disables Flutter's TLS verification
dot
The Deepfake Offensive Toolkit
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
exploit-notes
Sticky notes for pentesting.
ezXSS
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
gotestwaf
An open-source project in Golang to test different web application firewalls (WAF) for detection logic and bypasses
GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can used to bypass local security restrictions in misconfigured systems
HowToHunt
Tutorials and Things to Do while Hunting Vulnerability.
ios.cfw.guide
A complete iOS modding guide, from stock to jailbroken.
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
MobileHackingCheatSheet
Basics on commands/tools/info on how to assess the security of mobile applications
mubeng
An incredibly fast proxy checker & IP rotator with ease.
privilege-escalation-awesome-scripts-suite
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
RegExAPI
list of regex for apis
secrets-patterns-db
Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
UxPlay
AirPlay Unix mirroring server
waf-bypass
Check your WAF before an attacker does
Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
webshell
This is a webshell open source project
xss_vibes
A modern tool written in Python that automates your xss findings.