shahinulm2011's repositories
awesome-osint
:scream: A curated list of amazingly awesome OSINT me
recon-ng
Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.
can-i-take-over-xyz-m
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
recon
information gathering
IDM-Activation-Script
An open source tool to activate and reset trial of Internet Download Manager
xsshunter-express-for-xss-find
An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!
reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to
osmedeus
A Workflow Engine for Offensive Security
OneListForAll
Rockyou for web fuzzing
public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
CTF
CTF chall write-ups, files, scripts etc (trying to be more organised LOL)
GTFONow
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
subfinder
Fast passive subdomain enumeration tool.
RflDllOb
Reflective DLL Injection - M++
ffuf
Fast web fuzzer written in Go
AtlasLdr
Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
assetfinder
Find domains and subdomains related to a given domain
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
xss_vibes
A modern tool written in Python that automates your xss findings.
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
cupp-wordlist-maker-
Common User Passwords Profiler (CUPP)
amass
In-depth attack surface mapping and asset discovery
haxor
Haxor is a advance customizable phishing tool. Only for educational purposes. The developer of this tool is not liable for any unethical use.