Pinned Repositories
api_wordlist
A wordlist of API names for web application assessments
arabicTS
ArchiveFuzz
Hunt down the secrets from the WebArchives for Fun and Profit
assetnote
Push notifications for passive DNS data
assets-from-spf
A Python script to parse net blocks & domain names from SPF record
awesome-bug-bounty
A comprehensive curated list of available Bug Bounty & Disclosure Programs and write-ups.
awesome-default-passwords
An organized collection of default passwords for various devices and services.
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
Awesome-Vulnerability-Research
🦄 A curated list of the awesome resources about the Vulnerability Research
Ayoub5474's Repositories
Ayoub5474/arabicTS
Ayoub5474/assets-from-spf
A Python script to parse net blocks & domain names from SPF record
Ayoub5474/cc.py
Extracting URLs of a specific target based on the results of "commoncrawl.org"
Ayoub5474/CMSeeK
CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and 150 other CMSs
Ayoub5474/CRLF-Injection-Scanner
Command line tool for testing CRLF injection on list of domains.
Ayoub5474/domains-from-csp
A script to extract domain names from Content Security Policy(CSP) headers
Ayoub5474/Exploit-Development-Tools
A bunch of my exploit development helper tools, collected in one place.
Ayoub5474/Exploits
Containing Self Made Perl Reproducers / PoC Codes
Ayoub5474/fuxploider
File upload vulnerability scanner and exploitation tool.
Ayoub5474/github-dorks
Collection of github dorks and helper tool to automate the process of checking dorks
Ayoub5474/gitrob
Reconnaissance tool for GitHub organizations
Ayoub5474/HackerOneDB
The unofficial HackerOne disclosure Timeline
Ayoub5474/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
Ayoub5474/papers-we-love
Papers from the computer science community to read and discuss.
Ayoub5474/parameth
This tool can be used to brute discover GET and POST parameters
Ayoub5474/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Ayoub5474/Photon
Crawler which extracts URLs, files, intel & endpoints from a target and is ridiculously fast.
Ayoub5474/RandomScripts
Random Shell Scripts and other ideas I have along the way
Ayoub5474/reading
A list of computer-science related readings I'm planning on reading. Would love PR's!
Ayoub5474/SAP
Ayoub5474/ScreenShooter
Convert your masscan/subdomain-scan results (80,443,8080) into screenshots for better analysis
Ayoub5474/server-status_PWN
A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-status instances.
Ayoub5474/SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
Ayoub5474/swf_json_csrf
Ayoub5474/tomcatWarDeployer
Apache Tomcat auto WAR deployment & pwning penetration testing tool.
Ayoub5474/truffleHog
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
Ayoub5474/Virtual-host-wordlist
Virtual host wordlist
Ayoub5474/WebShell-1
WebShell Collect
Ayoub5474/wesng
Windows Exploit Suggester - Next Generation
Ayoub5474/Wordpress-XMLRPC-Brute-Force-Exploit
Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield