Pinned Repositories
Awesome-Hacking-Resources
A collection of hacking / pentetration testing resources to make you better!
burplist
BurpSmartBuster
A Burp Suite content discovery plugin that add the smart into the Buster!
CT_subdomains
An hourly updated list of subdomains gathered from certificate transparency logs
CTF-Difficulty
This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
domain-scan
A local or Lambda-based pipeline for scanning domains to measure things like HTTPS and accessibility.
domdig
DOM XSS scanner for Single Page Applications
fronter
Find frontable domains
Open_OSINT_Team_Links
Links for the Open OSINT Slack Team
SPSE
SPSE Exercises
Hax0rG1rl's Repositories
Hax0rG1rl/awesome-chatgpt-prompts
This repo includes ChatGPT promt curation to use ChatGPT better.
Hax0rG1rl/Awesome-GPT-Agents
A curated list of GPT agents for cybersecurity
Hax0rG1rl/awesome-intelligence-writing
Awesome collection of great and useful resources concerning intelligence writing such as manuals/guides, standards, books, and articles
Hax0rG1rl/awesome-threat-modelling
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
Hax0rG1rl/Blood-DDoS-
Layer 7 DDoS Panel with Cloudflare Bypass ( UAM, CAPTCHA, BFM, etc.. )
Hax0rG1rl/BotPEASS
Use this bot to monitor new CVEs containing defined keywords and send alerts to Slack and/or Telegram.
Hax0rG1rl/CertificationMaterials
A collection of materials related to my certification videos
Hax0rG1rl/cfpsec
CFPsec is a client program that retrieves the list of Call For Papers or/and upcoming Hacking/Security Conferences based on cfptime.org website.
Hax0rG1rl/Code-Review-Notes
Hax0rG1rl/CVE-2022-25262
PoC + vulnerability details for CVE-2022-25262 / JetBrains Hub single-click SAML response takeover
Hax0rG1rl/DevSecOps
Ultimate DevSecOps library
Hax0rG1rl/domainhunter
Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
Hax0rG1rl/garak
LLM vulnerability scanner
Hax0rG1rl/GooFuzz
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
Hax0rG1rl/goscanner
goscanner is a tool for large-scale TLS and SSH scans
Hax0rG1rl/JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
Hax0rG1rl/L4sh
Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
Hax0rG1rl/log4j-payload-generator
Log4j jndi injects the Payload generator
Hax0rG1rl/Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
Hax0rG1rl/LogMePwn
A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.
Hax0rG1rl/my_cve_and_bounty_poc
Disclose some POCs of my obtained CVE and bug bounty.
Hax0rG1rl/nginxpwner
Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.
Hax0rG1rl/PROXY-List
Get PROXY List that gets updated everyday
Hax0rG1rl/pytm
A Pythonic framework for threat modeling
Hax0rG1rl/reflector-1
A crawler that tests HTML forms for reflection
Hax0rG1rl/restler-fuzzer
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
Hax0rG1rl/semgrep-smart-contracts
Semgrep rules for smart contracts based on DeFi exploits
Hax0rG1rl/SpoofThatMail
Bash script to check if a domain or list of domains can be spoofed based in DMARC records
Hax0rG1rl/threagile
Agile Threat Modeling Toolkit
Hax0rG1rl/TOP
TOP All bugbounty pentesting CVE-2022- POC Exp RCE example payload Things