YuraveON

YuraveON's Stars

• jobertabma/virtual-host-discovery

  A script to enumerate virtual hosts on a server.

  Language:Ruby668115

• jobertabma/relative-url-extractor

  A small tool that extracts relative URLs from a file.

  Language:Ruby733117

• ffuf/ffuf

  Fast web fuzzer written in Go

  Language:Go12.9k1.3k

• capt-meelo/LazyRecon

  An automated approach to performing recon for bug bounty hunting and penetration testing.

  Language:Shell443102

• eslam3kl/3klCon

  Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated files.

  Language:Shell679135

• s0md3v/Arjun

  HTTP parameter discovery suite.

  Language:Python5.3k800

• devanshbatham/ParamSpider

  Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

  Language:Python2.6k429

• hahwul/dalfox

  🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

  Language:Go3.8k428

• vincentcox/bypass-firewalls-by-DNS-history

  Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

  Language:Shell1.2k263

• gitleaks/gitleaks

  Find secrets with Gitleaks 🔑

  Language:Go18.2k1.5k

• OWASP/CheatSheetSeries

  The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

  Language:Python28.4k4k

• techgaun/github-dorks

  Find leaked secrets via github search

  Language:Python2.8k591

• jhaddix/tbhm

  The Bug Hunters Methodology

  4k807

• jaeles-project/jaeles

  The Swiss Army knife for automated Web Application Testing

  Language:Go2.2k322

• OWASP/wstg

  The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

  Language:Dockerfile7.4k1.4k

• qazbnm456/awesome-web-security

  🐶 A curated list of Web Security materials and resources.

  11.5k1.7k

• Hack-with-Github/Awesome-Hacking

  A collection of various awesome lists for hackers, pentesters and security researchers

  86.6k9k

• 0xSobky/HackVault

  A container repository for my public web hacks!

  Language:JavaScript2k274

• hahwul/XSS-Payload-without-Anything

  XSS Payload without Anything.

  10228

• bugcrowd/bugcrowd_university

  Open source education content for the researcher community

  2.6k555

• kongsec/Vulnerabilities-Approach-Slides

  PDF slides

  24640

• TheCrysp/Hackbuntu

  Language:Shell359

• danielmiessler/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  Language:PHP59.3k24k

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python62k14.8k

• KathanP19/HowToHunt

  Collection of methodology and test case for various web vulnerabilities.

  6.2k1.8k

• FluxionNetwork/fluxion

  Fluxion is a remake of linset by vk496 with enhanced functionality.

  Language:HTML5k1.4k

• GTFOBins/GTFOBins.github.io

  GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

  Language:HTML11k1.3k

• riramar/Web-Attack-Cheat-Sheet

  Web Attack Cheat Sheet

  4.2k641

• pry0cc/axiom

  The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

  Language:Shell4.1k646

• codingo/VHostScan

  A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

  Language:Python1.2k231