dahabjr

Bug Bounty Hunter (Gem'sFinder)

world wide web

Pinned Repositories

403-bypass
403-bypass tool to bypass 403 responses.
Language:Python1 0 00
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
1 0 00
API-Security
OWASP API Security Project
Language:Dockerfile1 0 00
apkleaks
Scanning APK file for URIs, endpoints & secrets.
Language:Python1 0 00
ars0n-framework
A Modern Framework for Bug Bounty Hunting
Language:JavaScript10
Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
10
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
10
awesome-web-hacking
A list of web application security
1 0 00
bbht
A script to set up a quick Ubuntu 17.10 x64 box with tools I use.
Language:Shell10
Bug_Bounty_Tools_and_Methodology
Bug Bounty Tools used on Twitch - Recon
1 0 00

dahabjr's Repositories

dahabjr/Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
10
dahabjr/cook
A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.
1
dahabjr/crlfuzz
A fast tool to scan CRLF vulnerability written in Go
1
dahabjr/dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
1
dahabjr/fuzz.txt
Potentially dangerous files
1
dahabjr/nowafpls
Burp Plugin to Bypass WAFs through the insertion of Junk Data
1
dahabjr/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers, it just makes recon effortless.
1
dahabjr/spyhunt
recon for bug hunters
1
dahabjr/vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
1
dahabjr/wordlists
Automated & Manual Wordlists provided by Assetnote
1
dahabjr/Anubis
Subdomain enumeration and information gathering tool
dahabjr/awesome-bugbounty-tools
A curated list of various bug bounty tools
dahabjr/awesome-mobile-security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
dahabjr/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
dahabjr/dahabjr
Config files for my GitHub profile.
dahabjr/eslint
Find and fix problems in your JavaScript code.
dahabjr/eslint-plugin-no-unsanitized
Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
dahabjr/ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
Language:Python0 0
dahabjr/go-dork
The fastest dork scanner written in Go.
dahabjr/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
dahabjr/HTLogin
HowToLogin is a tool that tests web application login pages for login bypass.
dahabjr/insomnia
The open-source, cross-platform API client for GraphQL, REST, WebSockets, SSE and gRPC. With Cloud, Local and Git storage.
dahabjr/limiter
A small command-line utility to artificially limit the input rate to STDIN.
dahabjr/mantra
「🔑」A tool used to hunt down API key leaks in JS files and pages
dahabjr/NoMoreForbidden
NoMoreForbidden is a tool that tries various techniques to bypass forbidden(403) pages on websites and presents their results to the user.
dahabjr/OpenRedireX
A fuzzer for detecting open redirect vulnerabilities
dahabjr/porch-pirate
Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, collections, requests, users and teams. Porch Pirate can be used as a client or be incorporated into your own applications.
dahabjr/sherlock
🔎 Hunt down social media accounts by username across social networks
dahabjr/theHarvester
E-mails, subdomains and names Harvester - OSINT
dahabjr/tldr
📚 Collaborative cheatsheets for console commands