hiddengearz

hiddengearz's Stars

• OWASP/CheatSheetSeries

  The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

  Language:Python27.7k5694533.9k

• owasp-amass/amass

  In-depth attack surface mapping and asset discovery

  Language:Go11.9k2106481.9k

• go-swagger/go-swagger

  Swagger 2.0 implementation for go

  Language:Go9.5k1201.9k1.2k

• HackTricks-wiki/hacktricks

  Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

  Language:Python8.9k228902.6k

• OWASP/wstg

  The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

  Language:Dockerfile7.2k3303441.3k

• fnproject/fn

  The container native, cloud agnostic serverless platform.

  Language:Go5.7k198649404

• neutrinolabs/xrdp

  xrdp: an open source RDP server

  Language:C5.6k1751.8k1.7k

• s0md3v/Arjun

  HTTP parameter discovery suite.

  Language:Python5.2k86143791

• aws-samples/aws-cdk-examples

  Example projects using the AWS CDK

  Language:Python5.1k793412.1k

• KingOfBugbounty/KingOfBugBountyTips

  Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..

  Language:Go4.2k23311804

• TheRook/subbrute

  A DNS meta-query spider that enumerates DNS records, and subdomains.

  Language:Python3.3k13256653

• ohpe/juicy-potato

  A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

  Language:C++2.4k4816470

• infosec-au/altdns

  Generates permutations, alterations and mutations of subdomains and then resolves them

  Language:Python2.3k6125446

• defparam/smuggler

  Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3

  Language:Python1.8k3217291

• m4ll0k/Atlas

  Quick SQLMap Tamper Suggester

  Language:Python1.3k4325260

• codingo/Interlace

  Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

  Language:Python1.2k3690179

• R0X4R/Garud

  An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

  Language:Shell7731738176

• robre/jsmon

  a javascript change monitoring tool for bugbounties

  Language:Python584151083

• milo2012/pathbrute

  Pathbrute

  Language:Go4412915123

• BuddhaLabs/PacketStorm-Exploits

  Collection of publicly available exploits from Packetstorm

  Language:HTML404

• ThreatUnknown/jsubfinder

  jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).

  Language:Go25991132

• defparam/tiscripts

  Turbo Intruder Scripts

  Language:Python2156057

• nahamsec/crtndstry

  Yet another subdomain finder

  Language:Shell1969755

• ptswarm/ptswarm-twitter

  7610026

• SecAuraYT/OSWE

  Repo for OSWE related video content for @SecAura Youtube Channel

  Language:CSS291114

• pentestify/security-remediation-guides

  Security Remediation Guides

  4101