Shirshakhtml

Scan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files. (.apk, .xapk, .dex, .jar, .class, .smali, .zip, .aar, .arsc, .aab, .jadx.kts).

Language:PythonNOASSERTION19000

CRTP-Notes

Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing

27000

Awesome-Privilege-Escalation

Awesome Privilege Escalation

6300

socialhunter

crawls the website and finds broken social media links that can be hijacked

Language:GoMIT65000

noshit

A simple bug bounty utility tool to remove uninteresting entries from a list of URLs.

Language:Shell1400

Red-Teaming-Toolkit

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

GPL-3.0890100

nowafpls

Burp Plugin to Bypass WAFs through the insertion of Junk Data

Language:Python79100

Bug-Bounty-Methodology

These are my checklists which I use during my hunting.

Language:HTML55400

EyeWitness

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

Language:PythonGPL-3.0487900

Photon

Incredibly fast crawler designed for OSINT.

Language:PythonGPL-3.01079900

nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Language:JavaScriptMIT886600

THOR

The Hardware Onion Router

Language:ShellMPL-2.03200

bbht

A script to set up a quick Ubuntu 17.10 x64 box with tools I use.

Language:Shell114300

SubEnum

bash script for Subdomain Enumeration

Language:Shell30100

the-art-of-subdomain-enumeration

This repository contains all the supplement material for the book "The art of sub-domain enumeration"

Language:Python63300

shuffledns

MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.

Language:GoGPL-3.0128800