h888t

h888t's Stars

• statelyai/xstate

  Actor-based state management & orchestration for complex app logic.

  Language:TypeScript27.3k1921.4k1.3k

• GreyDGL/PentestGPT

  A GPT-empowered penetration testing tool

  Language:Python7.3k118138889

• arkadiyt/bounty-targets-data

  This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

  3.2k2370584

• utkusen/urlhunter

  a recon tool that allows searching on URLs that are exposed via shortener services

  Language:Go1.5k6413102

• trickest/wordlists

  Real-world infosec wordlists, updated regularly

  1.4k281170

• hakluke/weaponised-XSS-payloads

  XSS payloads designed to turn alert(1) into P1

  Language:JavaScript1.3k473216

• mrh0wl/Cloudmare

  Cloudflare, Sucuri, Incapsula real IP tracker.

  Language:Python1.3k3245196

• Lucifer1993/TPscan

  一键ThinkPHP漏洞检测

  Language:Python1.1k1811182

• h2non/gentleman

  Plugin-driven, extensible HTTP client toolkit for Go

  Language:Go1.1k185453

• yassineaboukir/sublert

  Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

  Language:Python9913336166

• musana/fuzzuli

  fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.

  Language:Go739111275

• fyoorer/ShadowClone

  Unleash the power of cloud

  Language:Python7351364101

• MattKeeley/Spoofy

  Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

  Language:Python63710858

• cyberark/PipeViewer

  A tool that shows detailed information about named pipes in Windows

  Language:C#57311245

• sule01u/SBSCAN

  SBSCAN是一款专注于spring框架的渗透测试工具，可以对指定站点进行springboot未授权扫描/敏感信息扫描以及进行spring框架漏洞扫描与验证的综合利用工具。 [SBSCAN is a penetration testing tool focused on the spring framework that can scan springboot sensitive information/unauthorized for specified sites and scan and validate spring related vulnerabilities]

  Language:Python560141056

• TakSec/chatgpt-prompts-bug-bounty

  ChatGPT Prompts for Bug Bounty & Pentesting

  5588079

• Dec0ne/DavRelayUp

  DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the default settings).

  Language:C#5264578

• gmatuz/inthewilddb

  Hourly updated database of exploit and exploitation reports

  Language:Python24611818

• janmasarik/resolvers

  List of periodically validated public DNS resolvers

  230133530

• jhaddix/awsScrape

  A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.

  Language:Go2256129

• edoardottt/favirecon

  Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.

  Language:Go19633027

• UnaPibaGeek/honeypots-detection

  Nuclei templates for honeypots detection.

  1943018

• serain/mailspoof

  Scans SPF and DMARC records for issues that could allow email spoofing.

  Language:Python1273723

• FiloSottile/sunlight

  A Certificate Transparency log implementation and monitoring API designed for scalability, ease of operation, and reduced cost.

  Language:Go1268139

• 20142995/pocsuite3

  Language:Python1095023

• righel/ms-exchange-version-nse

  Nmap script to detect a Microsoft Exchange instance version with OWA enabled.

  Language:Python753217

• r57-labs/chaos

  Origin IP scanning utility developed with ChatGPT

  Language:Python67118

• diego95root/h1-templates

  Language:JavaScript46103

• cygenta/top10million

  A repository of the 10 million live most popular websites

  39316

• c0dejump/CredzCheckr

  Testing default web credentials

  Language:Python32107