Pinned Repositories
-D
a-full-list-of-wordlists
this contain the burp pack
aapfinder
AAP Finder (Advanced Admin Page Finder) is a tool written in Python3 with advanced functionalities
Acquisitions
Python Script to Print the name of the companies that are acquired by a Target Company and the Time of Acquisition.
ADExplorerSnapshot.py
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
advisories
AES-Illustrated
An implementation of the Advanced Encryption Standard (AES) algorithm meant for study to go along with "A Stick Figure Guide to the Advanced Encryption Standard (AES)" blog post at www.moserware.com
afdWordpress
Check arbitrary file download vulnerability in the WordPress
agartha
a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation and more.
airixss
Finding XSS during recon
fostane's Repositories
fostane/AKS
Azure Kubernetes Service
fostane/almanacs
A recipe for everything 🗒️
fostane/Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
fostane/beng-proxy
Web server
fostane/bitcoinops.github.io
Bitcoin Optech website
fostane/black
The uncompromising Python code formatter
fostane/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
fostane/cartography
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
fostane/commix
Automated All-in-One OS Command Injection Exploitation Tool.
fostane/deepdarkCTI
Collection of Cyber Threat Intelligence sources from the deep and dark web
fostane/exploit-development
Gonna share my writeups and resources here
fostane/fasthttp
Fast HTTP package for Go. Tuned for high performance. Zero memory allocations in hot paths. Up to 10x faster than net/http
fostane/feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
fostane/flipperzero-firmware
Flipper Zero firmware source code
fostane/freeradius-server
FreeRADIUS - A multi-protocol policy server.
fostane/fzf
:cherry_blossom: A command-line fuzzy finder
fostane/gitlab-version-nse
Nmap script to guess* a GitLab version.
fostane/h4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
fostane/interactsh
An OOB interaction gathering server and client library
fostane/inventory
Asset inventory on public bug bounty programs.
fostane/JSFScan.sh
Automation for javascript recon in bug bounty.
fostane/lunasec
LunaSec - Open Source AppSec platform that automatically notifies you the next time vulnerabilities like Log4Shell or node-ipc happen. Track your dependencies and builds in a centralized service. Get started in one-click via our GitHub App or host it yourself. https://github.com/apps/lunatrace-by-lunasec/
fostane/nuclei-templates-9
Community curated list of templates for the nuclei engine to find security vulnerabilities.
fostane/ObserverWard
Cross platform community web fingerprint identification tool
fostane/ostorlab
Ostorlab is security scanner framework with the mantra of do one thing and do it well.
fostane/paperless-ngx
A community-supported supercharged version of paperless: scan, index and archive all your physical documents
fostane/reconness
ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
fostane/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
fostane/subfinder
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
fostane/tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool