xrx's repositories
recollapse
REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
BSQLi
timebased blind sqli with 99% success rate
priv8-Nuclei
this repo contains all nuclei templates for particular vulnerability that i used mosty while hunting..
Conferences
Conference presentation slides
SQL_Injection-Techniques
Advanced SQL Injection Techniques for Bug Bounty Hunters
SQLiDetector
Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.
Dorks
Bug Bounty Dorks
google-dorks-bug-bounty
A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting
subfalcon
subfalcon is a subdomain enumeration tool that allows you to discover and monitor subdomains for a given list of domains. It fetches subdomains from various sources [crtsh, hackertargetapi, anubis, alienvault, rappiddns, urlscan ] , saves them to a SQLite database, and can notify updates via Discord.
gungnir
CT Log Scanner
Breacher
An advanced multithreaded admin panel finder written in python.
favicon-hash.kmsec.uk
Cloudflare Worker to get favicon hashes for Shodan hunting
sheye
Opensource assets and vulnerability scanning tool
temp-mail
TempMail is a simple web application that allows you to generate temporary email addresses and view the emails received by these addresses.
dmarc-subdomains
Tool to parse subdomains from dmarc.live
G-dorks
google dorks for locate important files, information and accesses
BBTz
BBT - Bug Bounty Tools (examplesđź’ˇ)
de4js
JavaScript Deobfuscator and Unpacker
BurpJSLinkFinder
Burp Extension for a passive scanning JS files for endpoint links.
subOv88r
Simple go tool for analyzing list of subdomains for subdomain takeover vulnerability
mapperplus
MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.