Pedro Araujo's repositories
infosec-resources
A list of helpful cybersecurity / infosec resources
OSINT-Brazuca
Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.
pwnagotchi
(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
Telefonica-CTF
Workshop focado em ensinar o caminho das pedras e os "pulos do gato".
apkleaks
Scanning APK file for URIs, endpoints & secrets.
Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
awesome-ctf
A curated list of CTF frameworks, libraries, resources and softwares
bfac
BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source code.
bugBountyTemplates
List of reporting templates I have used since I started doing BBH.
credentialLeakDB
A database for storing, querying and doing stats on credential leaks
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
eyeballer
Convolutional neural network for analyzing pentest screenshots
JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
kiterunner
Contextual Content Discovery Tool
pastebin-scraper
Live-scraping pastebin to fight boredom.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Profil3r
OSINT tool that allows you to find a person's accounts and emails + breached emails 🕵️
scrapy-rotating-proxies
use multiple proxies with Scrapy
sherlock
🔎 Hunt down social media accounts by username across social networks
the-nuclei-templates
Nuclei templates written by us.
TrashSearch
Searching the TrashPanda OSINT bot API to check if your email/domain or password was leaked or not
xsshunter
The XSS Hunter service - a portable version of XSSHunter.com