sumgr0's repositories
awesome-web-security
🐶 A curated list of Web Security materials and resources.
bb-reports-templates
My small collection of reports templates
BBvuln
A listing of the most common vuln that you can link in your PoCs
bountyplz
Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
bugbounty-scans
aquatone results for sites with bug bountys
commonCrawlParser
Simple multi threaded tool to extract domain related data from commoncrawl.org
EagleEye
Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.
faraday
Collaborative Penetration Test and Vulnerability Management Platform
fresh.py
An efficient multi-threaded DNS resolver validator
megplus
Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
PatrowlManager
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
pentest-machine
Automates some pentest jobs via nmap xml file
pentest-tools
Custom pentesting tools
Probable-Wordlists
Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
react-native-web-hello-world
An example HelloWorld app that shares code between React Web and React Native
recon-my-way
This repository created for personal use and added tools from my latest blog post.
RTA
Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.
shodan-scripts
Collection of Scripts for shodan searching stuff.
sublazerwlst
Bundle of wordlists for brute-forcing subdomains (World + RUSSIA based).
Swiftness
A note-taking macOS app for penetration-testers.
TakeOver-v1
Takeover script extracts CNAME record of all subdomains at once. TakeOver saves researcher time and increase the chance of finding subdomain takeover vulnerability.
VulnerabilitySight
Vulnerabilities management solution
watchdog
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
webanalyze
Port of Wappalyzer (uncovers technologies used on websites) in go to automate scanning.
XXRF-Shots
XXRF Shots - Useful for testing SSRF vulnerability
Zeus-Scanner
Advanced reconnaissance utility