Pinned Repositories
Amass
In-depth Attack Surface Mapping and Asset Discovery
AMSI-Holo
BISOGD
Boosting Internet Security with Osint and Google Dorking
BloodHound
Six Degrees of Domain Admin
Certipy
Tool for Active Directory Certificate Services enumeration and abuse
ivpn_osiris
testing
jesusgavancho.github.io
Offensive-Payloads
List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
TryHackMe_and_HackTheBox
jesusgavancho's Repositories
jesusgavancho/TryHackMe_and_HackTheBox
jesusgavancho/ivpn_osiris
testing
jesusgavancho/BISOGD
Boosting Internet Security with Osint and Google Dorking
jesusgavancho/Offensive-Payloads
List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.
jesusgavancho/adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
jesusgavancho/Anubis
Subdomain enumeration and information gathering tool
jesusgavancho/Awesome-GPT-Agents
A curated list of GPT agents for cybersecurity
jesusgavancho/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
jesusgavancho/bbot
OSINT automation for hackers.
jesusgavancho/Bug-Bounty-Search-Engine
jesusgavancho/cve
Gather and update all available and newest CVEs with their PoC.
jesusgavancho/dnss-blocklists
DNS filters aggregate from various well known sources.
jesusgavancho/grpcui
An interactive web UI for gRPC, along the lines of postman
jesusgavancho/heaptruffle
Mine URLs from Browser's Heap Snapshot for fun and profit
jesusgavancho/jadx
Dex to Java decompiler
jesusgavancho/KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
jesusgavancho/KOTH-v2
jesusgavancho/Limesurvey-RCE
LimeSurvey Authenticated RCE
jesusgavancho/Linux101-Resources
Resources for TCM Security Linux 101 course
jesusgavancho/OSINT-UNCOVER-1.0
jesusgavancho/public-apis
A collective list of free APIs
jesusgavancho/security-research
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
jesusgavancho/Subrake
🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).
jesusgavancho/thc-tips-tricks-hacks-cheat-sheet
Various tips & tricks
jesusgavancho/tryhackme
Everything I did on tryhackme
jesusgavancho/Upload_Bypass
File upload restrictions bypass, by using different bug bounty techniques covered in Hacktricks.
jesusgavancho/web-check
🌐 All-in-one website OSINT tool for analysing any website
jesusgavancho/webpalm
WebPalm is a powerful command-line tool for website mapping and web scraping. With its recursive approach, it can generate a complete tree of all webpages and their links on a website. It can also extract data from the body of each page using regular expressions, making it an ideal tool for web scraping and data extraction.
jesusgavancho/XnlReveal
A Chrome browser extension to show alerts for relfected query params, show hidden elements and enable disabled elements.
jesusgavancho/zxcvbn
Low-Budget Password Strength Estimation