Pinned Repositories
awsScrape
A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.
domain
Setup script for Recon-ng
HUNT
pentest-bookmarks
a collection of handy bookmarks
SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
tbhm
The Bug Hunters Methodology
jhaddix's Repositories
jhaddix/SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
jhaddix/scripts
Useful stuff from around teh internetz
jhaddix/bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-ups categorized by the nature of the bug
jhaddix/XSS.png
An XSS mind map ;)
jhaddix/lazyrecon
This script is intended to automate your reconnaissance process in an organized fashion
jhaddix/ios_sh
iOS source grepper
jhaddix/mywebappscripts
A collection of all the lists, scripts and techniques I use while doing web application penetration tests.
jhaddix/pwnwiki.github.io
PwnWiki - The notes section of the pentesters mind.
jhaddix/bugcrowd-levelup-subdomain-enumeration
This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at the Bugcrowd LevelUp 2017 virtual conference
jhaddix/LazyFuzzer
Ease-of-use extension for Web Application penetration testing
jhaddix/massdns
A high-performance DNS stub resolver for bulk lookups
jhaddix/brutesubs
An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker Compose
jhaddix/ScanCannon
Combines the speed of masscan with the reliability and detailed enumeration of nmap
jhaddix/research
Hello and welcome to my GitHub account. If you'd like to know more about me, this is likely the best place to start
jhaddix/waybackunifier
See the history of a file from above
jhaddix/OWASP-VWAD
The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well-maintained registry of all known vulnerable web applications currently available.
jhaddix/xssHunterExtension
Chrome Extension for XSS Hunter Payloads
jhaddix/JSParser
jhaddix/InputScanner
jhaddix/JS-Scan
A .js scanner built in PHP, designed to scrape URLs and other info
jhaddix/SecurityTools
A repo for collecting and organizing security tools of various types. As new ones come out, they get added to the list.
jhaddix/CTFSolutionTypes
A collection of CTF solution types, i.e. not solutions to specific CTF challenges, but the general categories that those solutions fall under. Includes CTF solution categories for web, binary, network, crypto, and others. Please contribute!
jhaddix/Internal-Monologue
Internal Monologue Attack: Retrieving NTLM Hashes without Mimikatz
jhaddix/msfwiki
Metasploit Usage Wiki
jhaddix/TTSL
Tool to scrape LinkedIn
jhaddix/NodeGoat
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
jhaddix/samuraiwtf
The main SamuraiWTF collaborative distro repo.
jhaddix/choo
🚂🚋 - sturdy 4kb frontend framework
jhaddix/securedorg.github.io
jhaddix/gnmapper
gnmapper - Greppable NMAP (gnmap) to CSV parser / converter written in bash