Pinned Repositories
003Recon
Some tools to automate recon - 003random
alpha-stage-scripts
Repo contains a list of random scripts that I use while testing out random things.
amass
In-Depth Subdomain Enumeration
android-backup-extractor
Android backup extractor
Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
Androl4b
A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
angularjs-csti-scanner
Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Anubis
Subdomain enumeration and information gathering tool
DomainWatch
DomainWatch allows everyone to monitor domains for possible take-overs.
recon
information gathering
attacker34's Repositories
attacker34/Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
attacker34/AutoNSE
Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner
attacker34/awesome-pentest-cheat-sheets
Collection of the cheat sheets useful for pentesting
attacker34/awesome-security
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
attacker34/bountyplz
Automated security reporting from markdown templates (HackerOne is currently the platform supported)
attacker34/brute
Package brute allows concurrently bruteforce subdomains for a domain using a list of DNS servers and querying a desired DNS record
attacker34/BurpBounty
Burp Bounty is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.
attacker34/CHaS
An automated script to perform recon on a target to be used as the early recon stages of a pentest.
attacker34/CVE-2018-2628
Oracle Weblogic Server (10.3.6.0, 12.1.3.0, 12.2.1.2, 12.2.1.3) Deserialization Remote Command Execution Vulnerability (CVE-2018-2628)
attacker34/CVE-2018-7600
Exploit for CVE-2018-7600 Drupal SA-CORE-2018-002. PoC (Proof-of-Concept).
attacker34/ezXSS
ezXSS is an easy way to test (blind) XSS
attacker34/gobuster
Directory/file & DNS busting tool written in Go
attacker34/gOSINT
OSINT framework in Go
attacker34/hackbox
HackBox is the combination of awesome techniques.
attacker34/hacktronian
All in One Hacking Tool for Linux & Android
attacker34/massdns
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
attacker34/Namechk
Osint tool based on namechk.com for checking usernames on more than 100 websites, forums and social networks.
attacker34/otseca
Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
attacker34/pentest-tools
Custom pentesting tools
attacker34/PortWitness
Tool for checking Whether a domain or its multiple sub-domains are up and running.
attacker34/PwnBack
Burp Extender plugin that generates a sitemap of a website using Wayback Machine
attacker34/Recon-Methodology
Recon Methodology
attacker34/redshellguide
python script allow red teaming , hackthebox Pwners , OSCP lovers to shorten their time by these useful shells
attacker34/resolver
Resolver allows performing DNS queries such as resolving a DNS name querying some records, DNS zone transferences and reverse IP lookups
attacker34/s3-inspector
Tool to check AWS S3 bucket permissions
attacker34/Screen-Shooter
Screen Shooter is a simple tool for creating screenshots at any resolution within the Unity Editor.
attacker34/subfinder
SubFinder is a subdomain discovery tool that can discover massive amounts of valid subdomains for any target. It has a simple modular architecture and has been aimed as a successor to sublist3r project.
attacker34/subjack
Hostile Subdomain Takeover tool written in Go featuring self-reliant subdomain discovery with amass integration, allowing for simultaneous checking for subdomain takeovers while enumerating DNS.
attacker34/tinfoleak
The most complete open-source tool for Twitter intelligence analysis
attacker34/tko-subs
A tool that can help detect and takeover subdomains with dead DNS records