gregxsunday

gregxsunday's Stars

• justcatthefish/justctf-2023

  justCTF 2023 challenges sources

  Language:Python15

• EdOverflow/can-i-take-over-xyz

  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

  Language:Python4.6k690

• notthehiddenwiki/NTHW

  Not The Hidden Wiki - The largest repository of links related to cybersecurity

  40244

• narfindustries/http-garden

  Differential testing and fuzzing of HTTP servers and proxies

  Language:Python62554

• doyensec/Session-Hijacking-Visual-Exploitation

  Session Hijacking Visual Exploitation

  Language:JavaScript18514

• Escape-Technologies/graphql-wordlist

  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.

  Language:TypeScript29930

• owasp-amass/amass

  In-depth attack surface mapping and asset discovery

  Language:Go11.5k1.8k

• BishopFox/jsluice

  Extract URLs, paths, secrets, and other interesting bits from JavaScript

  Language:Go1.3k83

• cure53/Contracts

  A small collection of potentially useful contract templates

  36248

• cujanovic/SSRF-Testing

  SSRF (Server Side Request Forgery) testing resources

  Language:Python2.3k473

• espanso/espanso

  Cross-platform Text Expander written in Rust

  Language:Rust9.5k261

• doyensec/PESD-Exporter-Extension

  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams

  Language:HTML938

• hisxo/ReconAIzer

  A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!

  Language:Python81299

• hwchase17/adversarial-prompts

  Curation of prompts that are known to be adversarial to large language models

  1689

• robre/jsmon

  a javascript change monitoring tool for bugbounties

  Language:Python55181

• corkami/pics

  File formats dissections and more...

  Language:Assembly10.4k740

• immunefi-team/Web3-Security-Library

  Information about web3 security and programming tutorials/tools

  1.7k276

• chbrown/unmap

  Unpack a JavaScript Source Map back into filesystem structure

  Language:JavaScript17125

• wireghoul/graudit

  grep rough audit - source code auditing tool

  Language:Shell1.4k238

• stark0de/nginxpwner

  Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.

  Language:Python1.4k142

• justcatthefish/ctf-writeups

  CTF write-ups

  Language:Python7823

• xdavidhu/awesome-google-vrp-writeups

  🐛 A list of writeups from the Google VRP Bug Bounty program

  Language:Python1.1k182

• jagracey/Awesome-Unicode

  :joy: :ok_hand: A curated list of delightful Unicode tidbits, packages and resources.

  Language:JavaScript88765

• stripe/smokescreen

  A simple HTTP proxy that fogs over naughty URLs

  Language:Go1.1k69

• jhipster/generator-jhipster

  JHipster is a development platform to quickly generate, develop, & deploy modern web applications & microservice architectures.

  Language:TypeScript21.3k4k

• ckkok/spring4shell-poc

  Language:Python77

• dylanaraps/pure-bash-bible

  📖 A collection of pure bash alternatives to external processes.

  Language:Shell36.3k3.3k

• assetnote/blind-ssrf-chains

  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability

  753101

• Puliczek/awesome-list-of-secrets-in-environment-variables

  🦄🔒 Awesome list of secrets in environment variables 🖥️

  85376

• hakluke/bug-bounty-standards

  A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way that specific situations are handled in bug bounties.

  22310