0xshahriar's Stars
kamranahmedse/developer-roadmap
Interactive roadmaps, guides and other educational content to help developers grow in their careers.
Hack-with-Github/Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
tomnomnom/gron
Make JSON greppable!
projectdiscovery/katana
A next-generation crawling and spidering framework.
GoesToEleven/GolangTraining
Training for Golang (go language)
devanshbatham/Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Ignitetechnologies/BurpSuite-For-Pentester
This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 solely and completely with "BurpSuite".
m4ll0k/SecretFinder
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
HolyBugx/HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
tomnomnom/anew
A tool for adding new lines to files, skipping duplicates
s0md3v/Corsy
CORS Misconfiguration Scanner
0xInfection/XSRFProbe
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
KathanP19/JSFScan.sh
Automation for javascript recon in bug bounty.
bitquark/shortscan
An IIS short filename enumeration tool
R0X4R/Garud
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
kurobeats/fimap
fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.
micro-joan/BlackStone
Pentesting Reporting Tool
HackShiv/OneDorkForAll
An insane list of all dorks taken from everywhere from various different sources.
RevoltSecurities/Subdominator
SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty
0xKayala/NucleiScanner
NucleiScanner is a Powerful Automation tool for detecting Unknown Vulnerabilities in the Web Applications
padok-team/yatas
:owl::mag_right: A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integration
six2dez/dorks_hunter
Simple Google Dorks search tool
evilcos/xss.swf
a tiny tool for swf hacking, just browse it:)
SeifElsallamy/Blind-XSS-Manager
Never forget where you inject.
dootss/shodan-dorks
An auto-updating list of shodan dorks with info on the amount of results they return!
0xbharath/domains-from-csp
A script to extract domain names from Content Security Policy(CSP) headers
tomnomnom/burl
A Broken-URL Checker
c0brabaghdad1/DVPA
Damn Vulnerable PHP Application (DVPA) - It is Lab Written in The PHP lang, Which Contains PHP Type Juggling - RCE Challenges
mathis2001/ParamChanger
ParamChanger is a tool allowing you to replace the parameters of a list of urls by a payload entered as an argument
BDhackers009/proot-distro
An utility for managing installations of the Linux distributions in Termux.