bcvisualbooking's Stars
craighays/bucketkicker
Brute force AWS bucket finder
meliht/Mr.SIP
SIP-Based Audit and Attack Tool
jesusprubio/bluebox
Pentesting framework using Node.js powers, focused in VoIP.
mschwager/fierce
A DNS reconnaissance tool for locating non-contiguous IP space.
ChrisTruncer/mikto
Script to automate, manage, and multithread Nikto scans.
EdOverflow/bugbountyguide
Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
EdOverflow/bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
ernw/hardening
Repository of Hardening Guides
SecFathy/Bugzee
Simple Script to install recommended Bug Bounty Hunting Tools In Your Linux Disto
jakejarvis/bounty-domains
List of domains in scope for bug bounties (HackerOne, Bugcrowd, etc.)
VincentDS/HackerOne-Notifier
Send notifications if a new program is published on HackerOne using Pushbullet
fransr/bountyplz
Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
mhmdiaa/second-order
Second-order subdomain takeover scanner
TypeError/domained
Multi Tool Subdomain Enumeration
infosec-au/altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
PentestPad/subzy
Subdomain takeover vulnerability checker
projectdiscovery/subfinder
Fast passive subdomain enumeration tool.
screetsec/Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
backdoorhub/shell-backdoor-list
🎯 PHP / ASP - Shell Backdoor List 🎯
DFC302/BugBountyTemplate
A simple Cherry Tree template that can be used to organize bug bounties
utkusen/leviathan
wide range mass audit toolkit
CISOfy/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
arkadiyt/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
m0rtem/CloudFail
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
tomnomnom/httprobe
Take a list of domains and probe for working HTTP and HTTPS servers
tomnomnom/meg
Fetch many paths for many hosts - without killing the hosts
tomnomnom/assetfinder
Find domains and subdomains related to a given domain
CodeNerve/CodeNerve.github.io
Terminal based portfolio website for CodeNerve
christophetd/CloudFlair
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
NationalSecurityAgency/ghidra
Ghidra is a software reverse engineering (SRE) framework