B0YK4's Stars
nowak0x01/WPXStrike
WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals vulnerabilities in WordPress
jaeles-project/jaeles
The Swiss Army knife for automated Web Application Testing
LewisArdern/metasecjs
MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
xnl-h4ck3r/GAP-Burp-Extension
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
irsdl/IIS-ShortName-Scanner
latest version of scanners for IIS short filename (8.3) disclosure vulnerability
xm1k3/cent
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
OWASP/IoTGoat
IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
streaak/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
redcanaryco/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Syslifters/sysreptor
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
dnSpyEx/dnSpy
Unofficial revival of the well known .NET debugger and assembly editor, dnSpy
hasherezade/pe_unmapper
Small tool to convert beteween the PE alignments (raw and virtual).
outflanknl/EvilClippy
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
arkadiyt/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
ozguralp/gmapsapiscanner
DidierStevens/DidierStevensSuite
Please no pull requests for this repository. Thanks!
alexandreborges/malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
therealdreg/DbgChild
Debug Child Process Tool (auto attach)
a1ext/labeless
Labeless is a multipurpose IDA Pro plugin system for labels/comments synchronization with a debugger backend, with complex memory dumping and interactive Python scripting capabilities.
byt3bl33d3r/WitnessMe
Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
blacklanternsecurity/bbot
A recursive internet scanner for hackers.
s0md3v/SubGPT
Find subdomains with GPT, for free
jhaddix/SubreconGPT
honoki/bbrf-client
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
Dheerajmadhukar/karma_v2
β‘·β πππππ ππΈβ β’Ύ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
projectdiscovery/nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
3xpl01tc0d3r/ProcessInjection
This program is designed to demonstrate various process injection techniques
google/timesketch
Collaborative forensic timeline analysis
log2timeline/plaso
Super timeline all the things