0xshahriar's Stars
OWASP/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
nomi-sec/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
GhostTroops/scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
zan8in/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
pwndoc/pwndoc
Pentest Report Generator
Ignitetechnologies/BurpSuite-For-Pentester
This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 solely and completely with "BurpSuite".
jordanpotti/AWSBucketDump
Security Tool to Look For Interesting Files in S3 Buckets
projectdiscovery/shuffledns
MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.
projectdiscovery/notify
Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.
yeswehack/PwnFox
PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.
zeroc00I/AllVideoPocsFromHackerOne
This script grab public report from hacker one and make some folders with poc videos
Ignitetechnologies/Nmap-For-Pentester
This cheatsheet was created to assist Red Teamers and Penetration Testers in hunting down vulnerabilities using "Nmap."
eslam3kl/SQLiDetector
Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.
micro-joan/BlackStone
Pentesting Reporting Tool
Mr-Robert0/Logsensor
A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning
daffainfo/match-replace-burp
Useful "Match and Replace" burpsuite rules
padok-team/yatas
:owl::mag_right: A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integration
AlaBouali/bane
The "bane" Python library stands out as a robust toolkit catering to a wide spectrum of cybersecurity and networking tasks. Its versatile range of functionalities covers various aspects, including bruteforce attacks, cryptographic methods, DDoS attacks, information gathering, botnet creation and management, and CMS vulnerability scanning and more..
hash3liZer/Subrake
🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).
six2dez/dorks_hunter
Simple Google Dorks search tool
Net-hunter121/API-Wordlist
SeifElsallamy/Blind-XSS-Manager
Never forget where you inject.
pdelteil/BugBountyHuntingScripts
I built some bash functions to help me while doing mundane and repetitive tasks using BBRF, Nuclei or other Bug bounty tool.
trickest/mkpath
Make URL path combinations using a wordlist
emadshanab/Nmap-NSE-scripts-collection
Proviesec/xss-payload-list
xss-payload-list
harsh-bothra/HowToHunt
Tutorials and Things to Do while Hunting Vulnerability.
nirsarkar/vscan
c0brabaghdad1/DVPA
Damn Vulnerable PHP Application (DVPA) - It is Lab Written in The PHP lang, Which Contains PHP Type Juggling - RCE Challenges
mathis2001/ParamChanger
ParamChanger is a tool allowing you to replace the parameters of a list of urls by a payload entered as an argument