h888t

h888t's Stars

• statelyai/xstate

  Actor-based state management & orchestration for complex app logic.

  Language:TypeScript27.9k1891.4k1.3k

• duo-labs/cloudmapper

  CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

  Language:JavaScript6.1k133540821

• deepfence/SecretScanner

  :unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:

  Language:Go3.2k4943324

• christophetd/CloudFlair

  🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

  Language:Python2.7k6063365

• cisagov/ScubaGear

  Automation to assess the state of your M365 tenant against CISA's baselines

  Language:PowerShell2k561.1k265

• mandatoryprogrammer/xsshunter-express

  An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!

  Language:JavaScript1.8k1026349

• kost/dvcs-ripper

  Rip web accessible (distributed) version control systems: SVN/GIT/HG...

  Language:Perl1.7k5318312

• mrh0wl/Cloudmare

  Cloudflare, Sucuri, Incapsula real IP tracker.

  Language:Python1.3k3246197

• codingo/VHostScan

  A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

  Language:Python1.2k3854232

• BishopFox/eyeballer

  Convolutional neural network for analyzing pentest screenshots

  Language:Python1.1k3048130

• knavesec/CredMaster

  Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling

  Language:Python1k1535136

• ksharinarayanan/SSRFire

  An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects

  Language:Shell953256161

• emadshanab/Nuclei-Templates-Collection

  Nuclei Templates Collection

  Language:Python951305253

• mxrch/GitFive

  🐙 Track down GitHub users.

  Language:Python88573260

• MattKeeley/Spoofy

  Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

  Language:Python66311861

• t3l3machus/eviltree

  A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.

  Language:Python3874344

• musana/mx-takeover

  mx-takeover focuses DNS MX records and detects misconfigured MX records.

  Language:Go3464843

• sw33tLie/sns

  IIS shortname scanner written in Go

  Language:Go3236544

• josehelps/git-wild-hunt

  A tool to hunt for credentials in github wild AKA git*hunt

  Language:Python2936742

• Audiobahn/CVE-2022-20699

  Cisco Anyconnect VPN unauth RCE (rwx stack)

  Language:Python23912243

• prodigysml/Dr.-Watson

  Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's your very own discovery side kick, the Dr. Watson to your Sherlock!

  Language:Python21520828

• j3ssie/goverview

  goverview - Get an overview of the list of URLs

  Language:Go1425224

• 0xAwali/Blind-SSRF

  Nuclei Templates to reproduce Cracking the lens's Research

  1244021

• codenco-dev/nova-grid-system

  Nova grid system for Laravel Nova

  Language:PHP8063034

• Th0h0/autopoisoner

  Web cache poisoning vulnerability scanner.

  Language:Python641210

• numanturle/CVE-2022-1388

  K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388

  534013

• nurse/traceroute53

  A tool to investigate Route53, ELB, EC2 and Security Groups

  Language:Ruby53514

• cygenta/top10million

  A repository of the 10 million live most popular websites

  40316

• c0dejump/CredzCheckr

  Testing default web credentials

  Language:Python33107

• dptsec/zipslip

  Tool to create custom zip files with path traversal for certain bad unzip implementations

  Language:Go2100