0xsan-z's Stars
Brum3ns/firefly
Black box fuzzer for web applications
I-Am-Jakoby/Flipper-Zero-BadUSB
Repository for my flipper zero badUSB payloads. Now almost entirely plug and play.
cpp-best-practices/cppbestpractices
Collaborative Collection of C++ Best Practices. This online resource is part of Jason Turner's collection of C++ Best Practices resources. See README.md for more information.
trickest/mksub
Generate tens of thousands of subdomain combinations in a matter of seconds
DanMcInerney/net-creds
Sniffs sensitive data from interface or pcap
DanMcInerney/xsscrapy
XSS spider - 66/66 wavsep XSS detected
psiinon/open-source-web-scanners
A list of open source web security scanners
xnl-h4ck3r/waymore
Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!
payloadbox/sql-injection-payload-list
🎯 SQL Injection Payload List
first20hours/google-10000-english
This repo contains a list of the 10,000 most common English words in order of frequency, as determined by n-gram frequency analysis of the Google's Trillion Word Corpus.
nikitastupin/clairvoyance
Obtain GraphQL API schema even if the introspection is disabled
dolevf/Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
Impact-I/x8-Burp
Hidden parameters discovery suite
d4rckh/vaf
Vaf is a cross-platform very advanced and fast web fuzzer written in nim
d4rckh/grc2
grim reaper c2
Dheerajmadhukar/4-ZERO-3
403/401 Bypass Methods + Bash Automation + Your Support ;)
KingOfBugbounty/KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
ksharinarayanan/SSRFire
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
codingo/OSCP-2
Collection of things made during my OSCP journey
cipher387/osint_stuff_tool_collection
A collection of several hundred online tools for OSINT
briskinfosec/Tools
Free Online Tools
powerexploit/Awesome-Python-Scripts
A curated collection of some :heart_eyes: cool Python scripts.
cipher387/Dorks-collections-list
List of Github repositories and articles with list of dorks for different search engines
e11i0t4lders0n/Web-Application-Pentest-Checklist
lutfumertceylan/top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
sensepost/gowitness
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
ARPSyndicate/kenzer
automated web assets enumeration & scanning [DEPRECATED]
TheBinitGhimire/Web-Shells
Some of the best web shells that you might need!
TheBinitGhimire/GitHub-Recon
GitHub Recon — and what you can achieve with it!
TheBinitGhimire/NtHiM
Now, the Host is Mine! - Super Fast Sub-domain Takeover Detection!