Sechunt3r's Stars
duckduckgo/tracker-radar
Data set of top third party web domains with rich metadata about them
TalEliyahu/awesome-cybersecurity-conferences
Watch the latest awesome security talks around the globe
qazbnm456/awesome-web-security
🐶 A curated list of Web Security materials and resources.
glitchedgitz/cook
A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.
n0kovo/n0kovo_subdomains
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
mandatoryprogrammer/xcname
A tool for enumerating expired domains in CNAME records
trimstray/sandmap
Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
nikitastupin/orgs-data
Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations
punk-security/dnsReaper
dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!
Qianlitp/crawlergo
A powerful browser crawler for web vulnerability scanners
projectdiscovery/uncover
Quickly discover exposed hosts on the internet using multiple search engines.
edoardottt/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
vavkamil/awesome-bugbounty-tools
A curated list of various bug bounty tools
valeriyshevchenko90/WhereToGo
WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find entry points to the organization data.
musana/mx-takeover
mx-takeover focuses DNS MX records and detects misconfigured MX records.
BishopFox/jsluice
Extract URLs, paths, secrets, and other interesting bits from JavaScript
Nekmo/dirhunt
Find web directories without bruteforce
UnaPibaGeek/ctfr
Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
edermi/skweez
Fast website scraper and wordlist generator
Sh1Yo/x8
Hidden parameters discovery suite
ImAyrix/fallparams
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
glebarez/cero
Scrape domain names from SSL certificates of arbitrary hosts
ethicalhackingplayground/bxss
Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.
Invicti-Security/brainstorm
A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery
v1dhun/subfinder-action
Finding subdomain using subfinder
rmkanda/tools
Curated list of security tools
TalEliyahu/awesome-security-newsletters
Periodic cyber security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attacks
semihalev/sdns
A high-performance, recursive DNS resolver server with DNSSEC support, focused on preserving privacy.
apify/crawlee
Crawlee—A web scraping and browser automation library for Node.js to build reliable crawlers. In JavaScript and TypeScript. Extract data for AI, LLMs, RAG, or GPTs. Download HTML, PDF, JPG, PNG, and other files from websites. Works with Puppeteer, Playwright, Cheerio, JSDOM, and raw HTTP. Both headful and headless mode. With proxy rotation.
snwfdhmp/awesome-gpt-prompt-engineering
A curated list of awesome resources, tools, and other shiny things for LLM prompt engineering.