Pinned Repositories
botsql
Bot that uses Atscan and Sqlmap to perform scan and exploit sql vulns
brutecms
Multi-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart
fastssh
Fast SSH Scan and BruteForcer for most common credentials.
infog
Information Gathering Tool
PAVELOW
PAVELOW Exploit Toolbox is a BASH script that corresponds with your KALI distro to better help your vulnerability hunting and exploiting proccess with a few other goodies added to aid your fight.
Samurai
Samurai Email Discovery - SED is a email discovery framework that grabs emails via google dork, company name, or domain name.
TheDoc
TheDoc is a simple but very useful SQLMAP automator with built in admin finder, hash cracker(using hashca) and more!
welcome
Brief Introduction
OffXec's Repositories
OffXec/bug-bounty-Dorks-1
OffXec/awesome-burp-extensions
A curated list of amazingly awesome Burp Extensions
OffXec/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
OffXec/awesome-bbht
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain. Feel free to fork, and add your own tools.
OffXec/Bashter
Web Crawler, Scanner, and Analyzer Framework (Shell-Script based)
OffXec/Osmedeus
Fully automated offensive security tool for reconnaissance and vulnerability scanning
OffXec/owasp-mstg
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering.
OffXec/PUSHA
"Pusha 1.0" is a fully automated advanced penatration "command shell" made in Python 3.
OffXec/ScanQLi
SQLi scanner to detect SQL vulns
OffXec/top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
OffXec/webHunt
Web App bug hunting
OffXec/wpbullet
A static code analysis for WordPress (and PHP)
OffXec/android-security-awesome
A collection of android security related resources
OffXec/assetfinder
Find domains and subdomains related to a given domain
OffXec/bug-bounty-dorks
List of Google Dorks for sites that have responsible disclosure program / bug bounty program
OffXec/dirmap
An advanced web directory scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。
OffXec/hack-your-university
A list of universities with vulnerability disclosure policies
OffXec/httpx
httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.
OffXec/RubyByExample
Ruby by example. Short, sweet & simple.
OffXec/selenium-ide
Open Source record and playback test automation for the web.
OffXec/Thief
Subdomain hijack automation.
OffXec/welcome
Brief Introduction
OffXec/aquaHelper
Work in Progress.
OffXec/Arjun
HTTP parameter discovery suite.
OffXec/awesome-termux-hacking
⚡️An awesome list of the best Termux hacking tools
OffXec/bugcrowd_university
Open source education content for the researcher community
OffXec/Codespaces
OffXec/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
OffXec/nuclei
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.
OffXec/OWASP-Testing-Guide-v5