Pinned Repositories
Awesome-Hacking-Resources
A collection of hacking / pentetration testing resources to make you better!
burplist
BurpSmartBuster
A Burp Suite content discovery plugin that add the smart into the Buster!
CT_subdomains
An hourly updated list of subdomains gathered from certificate transparency logs
CTF-Difficulty
This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
domain-scan
A local or Lambda-based pipeline for scanning domains to measure things like HTTPS and accessibility.
domdig
DOM XSS scanner for Single Page Applications
fronter
Find frontable domains
Open_OSINT_Team_Links
Links for the Open OSINT Slack Team
SPSE
SPSE Exercises
Hax0rG1rl's Repositories
Hax0rG1rl/terraform_aws_scp
AWS Organizations Service Control Policies (SCPs) written in HashiCorp Terraform.
Hax0rG1rl/abuse-ssl-bypass-waf
Bypassing WAF by abusing SSL/TLS Ciphers
Hax0rG1rl/AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
Hax0rG1rl/Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
Hax0rG1rl/apache-log4j-poc
Apache Log4j 远程代码执行
Hax0rG1rl/Awesome-Cloud-PenTest
Hax0rG1rl/Best-AI-Papers
"It does not do to dwell on dreams and forget to live."― J.K. Rowling
Hax0rG1rl/CloudFail
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Hax0rG1rl/CMSScan
CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues
Hax0rG1rl/cook
Easily create word's permutation and combination to generate complex wordlists and passwords.
Hax0rG1rl/crlfuzz
A fast tool to scan CRLF vulnerability written in Go
Hax0rG1rl/deciduous
App that makes building attack decision trees from the Security Chaos Engineering report easy
Hax0rG1rl/deepfake-image-detection
Predict if an image is real or generated by GANs (fake)
Hax0rG1rl/diagrams
:art: Diagram as Code for prototyping cloud system architectures
Hax0rG1rl/disclose
Driving safety, simplicity, and standardization in vulnerability disclosure.
Hax0rG1rl/ethereumbook
Mastering Ethereum, by Andreas M. Antonopoulos, Gavin Wood
Hax0rG1rl/googler
:mag: Google from the terminal
Hax0rG1rl/grex
A command-line tool and library for generating regular expressions from user-provided test cases
Hax0rG1rl/horuz
Keep an eye of your recon. Save and query your recon data on ElasticSearch.
Hax0rG1rl/KNR-XSS-Payloads
Payloads For XSS
Hax0rG1rl/Kunlun-M
KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。
Hax0rG1rl/reconmaster
ReconMaster contest - scripts used and a write-up
Hax0rG1rl/samlists
Free, libre, effective, and data-driven wordlists for all!
Hax0rG1rl/solhint
Solhint is an open source project created by https://protofire.io. Its goal is to provide a linting utility for Solidity code.
Hax0rG1rl/spf-bypass
This project demonstrates SPF-bypass techniques utilised by phishers to abuse domains that haven't been secured by DMARC.
Hax0rG1rl/stop-firefox-automatic-connections
Hax0rG1rl/TextAttack
TextAttack 🐙 is a Python framework for adversarial attacks, data augmentation, and model training in NLP https://textattack.readthedocs.io/en/latest/
Hax0rG1rl/threat-matrix-cicd
Threat matrix for CI/CD Pipeline
Hax0rG1rl/VECTR
VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios
Hax0rG1rl/webapp-wordlists
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.