Pinned Repositories
Archive
Hacking Methodology, Cheatsheats, Conceptual-Breakdowns
Auto_Wordlists
DS_Store_crawler_parser
a parser + crawler for .DS_Store files exposed publically
h1domains
HackerOne "in scope" domains for all your fuzzing needs
mitmproxy2swagger
Automagically reverse-engineer REST APIs via capturing traffic
pastepwn
Python framework to scrape PasteBin pastes and analyze them
pentest-scripts
Compilation of scripts/tools (made by me or not) that help me with Pentest and Bug Bounty.
sherlock
🔎 Find usernames across social networks
thc-1001-tips-and-tricks
Various tips & tricks
unblob
Extract files from any kind of container formats
bbhunter's Repositories
bbhunter/GHunt
🕵️♂️ Investigate Google Accounts with emails.
bbhunter/authz0
🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URL and Role.
bbhunter/badsecrets
A library for detecting known secrets across many web frameworks
bbhunter/client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
bbhunter/CloudBunny
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
bbhunter/CLZero
A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors
bbhunter/conditional-love
An AWS metadata enumeration tool by Plerion
bbhunter/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
bbhunter/disclose
Driving safety, simplicity, and standardization in vulnerability disclosure.
bbhunter/dnsmonster
Passive DNS Capture/Monitoring Framework
bbhunter/frida-android-unpinning
A Frida script to disable SSL certificate pinning in a target application
bbhunter/fuzz4bounty
Awesome wordlists for Bug Bounty Hunting
bbhunter/GitFive
Track down GitHub users.
bbhunter/go-dork
The fastest dork scanner written in Go.
bbhunter/how2heap
A repository for learning various heap exploitation techniques.
bbhunter/Jira-Lens
Fast and customizable vulnerability scanner For JIRA written in Python
bbhunter/lit-bb-hack-tools
Little Bug Bounty & Hacking Tools
bbhunter/OpenDoor
OWASP WEB Directory Scanner
bbhunter/OSCP-Exam-Report-Template-Markdown
:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
bbhunter/PoC-3
Advisories, proof of concept files and exploits that have been made public by @pedrib.
bbhunter/PowerHub
A web application to transfer PowerShell modules, executables, snippets and files while bypassing AV and application whitelisting
bbhunter/pysimdjson
Python bindings for the simdjson project.
bbhunter/restler-fuzzer
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
bbhunter/rsa_sign2n
Deriving RSA public keys from message-signature pairs
bbhunter/rust-by-practice
Practice Rust with challenging examples, exercises and projects to narrow the gap between beginner and skilled-dev.
bbhunter/spk
spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization.
bbhunter/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
bbhunter/vulnerable-code-snippets-1
Twitter vulnerable snippets
bbhunter/waymore
Find way more from the Wayback Machine!
bbhunter/wordlists-7
Automated & Manual Wordlists provided by Assetnote