eraymitrani

eraymitrani's Stars

• Hack-with-Github/Awesome-Hacking

  A collection of various awesome lists for hackers, pentesters and security researchers

  87.4k3.9k09.1k

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python62.3k1.8k014.9k

• danielmiessler/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  Language:PHP59.9k1.9k27424k

• zaproxy/zaproxy

  The ZAP by Checkmarx Core project

  Language:Java12.9k4005.1k2.3k

• michenriksen/aquatone

  A Tool for Domain Flyovers

  Language:Go5.7k1360884

• EdOverflow/can-i-take-over-xyz

  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

  Language:Python4.9k126246725

• qazbnm456/awesome-cve-poc

  ✍️ A curated list of CVE PoCs.

  3.4k3243724

• arkadiyt/bounty-targets-data

  This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

  3.2k2390591

• cujanovic/SSRF-Testing

  SSRF (Server Side Request Forgery) testing resources

  Language:Python2.4k731482

• 0x00-0x00/ShellPop

  Pop shells like a master.

  Language:Python1.4k5116235

• adon90/pentest_compilation

  Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios

  Language:XSLT1.3k732408

• codingo/VHostScan

  A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

  Language:Python1.2k3854231

• arkadiyt/bounty-targets

  This project crawls bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) hourly and dumps them into the bounty-targets-data repo

  Language:Ruby6362134112

• jordanpotti/CloudScraper

  CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

  Language:Python509187109

• neex/gifoeb

  exploit for ImageMagick's uninitialized memory disclosure in gif coder

  Language:Python28011760

• bayotop/off-by-slash

  Burp extension to detect alias traversal via NGINX misconfiguration at scale.

  Language:Python2557236

• thejakeyboy/umich-eecs545-lectures

  This repository contains the lecture materials for EECS 545, a graduate course in Machine Learning, at the University of Michigan, Ann Arbor.

  Language:Jupyter Notebook219411169

• yassineaboukir/CVE-2018-0296

  Script to test for Cisco ASA path traversal vulnerability (CVE-2018-0296) and extract system information.

  Language:Python2028268

• AlwaysBCoding/Episodes

  Source Code from episodes of AlwaysBCoding screencasts

  Language:JavaScript174232158

• EdOverflow/bugbountywiki

  The Bug Bounty Wiki

  17021017

• smiegles/mass3

  Language:Go12410020

• nahamsec/SundayStreams

  Data from my Sunday streams

  Language:HTML724020

• MrTaherAmine/pentest-management

  Simple webinterface combining different recon tools.

  Language:HTML121010

• cemakd/Fruits-vs-Veggies

  Language:JavaScript230