Pinned Repositories
003Recon
Some tools to automate recon - 003random
alpha-stage-scripts
Repo contains a list of random scripts that I use while testing out random things.
amass
In-Depth Subdomain Enumeration
android-backup-extractor
Android backup extractor
Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
Androl4b
A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
angularjs-csti-scanner
Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Anubis
Subdomain enumeration and information gathering tool
DomainWatch
DomainWatch allows everyone to monitor domains for possible take-overs.
recon
information gathering
attacker34's Repositories
attacker34/alpha-stage-scripts
Repo contains a list of random scripts that I use while testing out random things.
attacker34/angularjs-csti-scanner
Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
attacker34/awesome-appsec
A curated list of resources for learning about application security
attacker34/bucketkicker
Brute force AWS bucket finder
attacker34/burp_wp
Find known vulnerabilities in WordPress plugins and themes using Burp Suite proxy. WPScan like plugin for Burp.
attacker34/CSS-Keylogging
Chrome extension and Express server that exploits keylogging abilities of CSS.
attacker34/dnsbrute
a fast domain brute tool
attacker34/dnsrecon
DNS Enumeration Script
attacker34/docker-burp-rest-api
Easily build/run @vmware's burp-rest-api in Docker
attacker34/DockerAttack
Various Tools and Docker Images
attacker34/Droid-Application-Fuzz-Framework
Android application fuzzing framework with fuzzers and crash monitor.
attacker34/Hacking-books
attacker34/Hash-Buster
Hash Buster is a python script which scraps online hash crackers to find cleartext of a hash.
attacker34/infinity
Infinity can get phone numbers from facebook accounts with some maths and shit.
attacker34/inSp3ctor
AWS S3 Bucket/Object Finder
attacker34/JShell
JShell - Get a JavaScript shell with XSS.
attacker34/json-flash-csrf-poc
This repo contains the files required to perform a CSRF attack using Flash and HTTP 307 redirections.
attacker34/lazyrecon
This script is intended to automate your reconnaissance process in an organized fashion
attacker34/lazyshot
The simplest way to take an automated screenshot of given URLs. Easy installation! Edit
attacker34/LinkFinder
A python script that finds endpoints in JavaScript files
attacker34/megplus
Automated reconnaissance wrapper — TomNomNom's meg on steroids.
attacker34/Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 3200 malicious cryptocurrency mining domains (cryptojacking).
attacker34/open-redirect-scanner
open redirect subdomains scanner
attacker34/Probable-Wordlists
Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
attacker34/proof-of-concepts
A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
attacker34/Random
This repo contains random stuffs
attacker34/ReconDog
Recon Dog is an all in one tool for all your basic information gathering needs.
attacker34/Scumblr
Web framework that allows performing periodic syncs of data sources and performing analysis on the identified results
attacker34/sparta
Network Infrastructure Penetration Testing Tool
attacker34/uxss-db
🔪 Universal Cross-site Scripting DB [+ other browser vulnerabilities]