bonino97's Stars
theblackturtle/fprobe
Take a list of domains/subdomains and probe for working http/https server.
PentestPad/subzy
Subdomain takeover vulnerability checker
subfinder/goaltdns
A permutation generation tool written in golang
rverton/webanalyze
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
arkadiyt/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
codigoconjuan/meeti
Repositorio con el código final del Proyecto Meeti hecho en Node.js
edduu/Arjun
HTTP parameter discovery suite.
streaak/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
j3ssie/osmedeus
A Workflow Engine for Offensive Security
hahwul/WebHackersWeapons
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
robotshell/magicRecon
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
byt3bl33d3r/python-Wappalyzer
Python driver for Wappalyzer, a web application detection utility.
momenbasel/keyFinder
Keyfinder🔑 is a tool that let you find keys while surfing the web!
m4ll0k/Atlas
Quick SQLMap Tamper Suggester
ThePorgs/Exegol
Fully featured and community-driven hacking environment
BishopFox/GitGot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
michenriksen/gitrob
Reconnaissance tool for GitHub organizations
hisxo/gitGraber
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
anshumanbh/git-all-secrets
A tool to capture all the git secrets by leveraging multiple open source git searching tools
s0md3v/Arjun
HTTP parameter discovery suite.
juliocesarfort/public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
BullsEye0/google_dork_list
Google Dorks | Google helps you to find Vulnerable Websites that Indexed in Google Search Results. Here is the latest collection of Google Dorks. A collection of 13.760 Dorks. Author: Jolanda de Koff
1N3/IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
alanbriangh/Magic-CheckList-for-Web-Applications
Web Security Checklist (Bug Bounty & Pentesting)
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
trimstray/the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
ehsahil/recon-my-way
This repository created for personal use and added tools from my latest blog post.
reconness/reconness
ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
chenjj/CORScanner
🎯 Fast CORS misconfiguration vulnerabilities scanner