hunter-spiegel's Stars
chris408/ct-exposer
An OSINT tool that discovers sub-domains by searching Certificate Transparency logs
michenriksen/aquatone
A Tool for Domain Flyovers
EdOverflow/can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Ice3man543/SubOver
A Powerful Subdomain Takeover Tool
rthalley/dnspython
a powerful DNS toolkit for python
wallarm/jwt-heartbreaker
The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources
msrkp/PPScan
Client Side Prototype Pollution Scanner
an00byss/TheCl0n3r
TheCl0n3r will allow you to download and manage your git repositories.
FSecureLABS/GWTMap
ArturSS7/TukTuk
Tool for catching and logging different types of requests.
epi052/feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
devanshbatham/FavFreak
Making Favicon.ico based Recon Great again !
obheda12/GitDorker
A Python program to scrape secrets from GitHub through usage of a large repository of dorks.
maurosoria/dirsearch
Web path scanner
mxrch/GHunt
🕵️♂️ Offensive Google framework.
neex/phuip-fpizdam
Exploit for CVE-2019-11043
BullsEye0/google_dork_list
Google Dorks | Google helps you to find Vulnerable Websites that Indexed in Google Search Results. Here is the latest collection of Google Dorks. A collection of 13.760 Dorks. Author: Jolanda de Koff
blechschmidt/massdns
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
tomnomnom/assetfinder
Find domains and subdomains related to a given domain
projectdiscovery/dnsprobe
DNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.
projectdiscovery/httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
projectdiscovery/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
shellinabox/shellinabox
Official-ish Fork of Shell In A Box
butlerx/wetty
Terminal in browser over http/https. (Ajaxterm/Anyterm alternative, but much better)
tuxotron/xvwa_lamp_container
XVWA on LAMP base docker image
s4n7h0/xvwa
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
teknogeek/ssrf-sheriff
A simple SSRF-testing sheriff written in Go
In3tinct/See-SURF
Python based scanner to find potential SSRF parameters
tarunkant/Gopherus
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
swisskyrepo/SSRFmap
Automatic SSRF fuzzer and exploitation tool