h888t

h888t's Stars

• Budibase/budibase

  Low code platform for building business apps and workflows in minutes. Supports PostgreSQL, MySQL, MariaDB, MSSQL, MongoDB, Rest API, Docker, K8s, and more 🚀

  Language:TypeScript22.9k2174.6k1.6k

• smicallef/spiderfoot

  SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

  Language:Python13.3k3686082.3k

• s0md3v/Photon

  Incredibly fast crawler designed for OSINT.

  Language:Python11.1k3251061.5k

• nomi-sec/PoC-in-GitHub

  📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

  6.6k432301.2k

• EnableSecurity/wafw00f

  WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

  Language:Python5.3k13998937

• khast3x/h8mail

  Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

  Language:Python4.2k123130520

• Arachni/arachni

  Web Application Security Scanner Framework

  Language:Ruby3.8k2061k766

• DefectDojo/django-DefectDojo

  DevSecOps, ASPM, Vulnerability Management. All on one platform.

  Language:HTML3.7k2082.9k1.6k

• swisskyrepo/SSRFmap

  Automatic SSRF fuzzer and exploitation tool

  Language:Python3k5524528

• sa7mon/S3Scanner

  Scan for misconfigured S3 buckets across S3-compatible APIs!

  Language:Go2.6k66142369

• 1N3/BruteX

  Automatically brute force all services running on a target.

  Language:Shell2k10433594

• swisskyrepo/GraphQLmap

  GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)

  Language:Python1.4k2229198

• michaeldyrynda/laravel-cascade-soft-deletes

  Cascading deletes for Eloquent models that implement soft deletes

  Language:PHP1k133976

• 0xsha/CloudBrute

  Awesome cloud enumerator

  Language:Go907187140

• pwnesia/dnstake

  DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover

  Language:Go83411667

• byt3bl33d3r/WitnessMe

  Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

  Language:Python7352233109

• allanlw/svg-cheatsheet

  A cheatsheet for exploiting server-side SVG processors.

  69913192

• blark/aiodnsbrute

  Python 3.5+ DNS asynchronous brute force utility

  Language:Python646219113

• MindPointGroup/cloudfrunt

  A tool for identifying misconfigured CloudFront domains

  Language:Python34710068

• MarkoH17/Spray365

  Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.

  Language:Python3458957

• 404labfr/laravel-auth-checker

  Laravel Auth Checker allows you to log users authentication, devices authenticated from and lock intrusions.

  Language:PHP223131631

• bp0lr/dmut

  A tool to perform permutations, mutations and alteration of subdomains in golang.

  Language:Go15651431

• hahwul/deadfinder

  🏴‍☠️ Find dead-links (broken links)

  Language:Ruby12931411

• chandanbn/cvss

  CVSS (Common Vulnerability Scoring System) Calculator CVSSv3.1

  Language:JavaScript513127

• pry0cc/CredCatch

  Find plaintext credentials from emails in bulk from password dumps, and generate emails on the fly.

  Language:Ruby49226

• mandatoryprogrammer/PERS

  A passive scanning tool for finding expired domain vulnerabilities while you browse.

  Language:JavaScript414024

• crashbrz/BET

  Burp Enterprise Toolkit

  Language:Go12201

• rezen/zap-lambda

  ZAP running in a lambda?!

  Language:Python11205

• pry0cc/ciscobruter

  Brute-force Cisco SSL VPN

  Language:Ruby530

• libook/cvss-3.1-calculator

  Common Vulnerability Scoring System Version 3.1 Calculator

  Language:JavaScript3300