kianoosh21's Stars
cure53/DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
shubhamrooter/ShodanSpider
ShodanSpider is an open-source tool for interacting with Shodan. It lets you search and extract data from Shodan without an API key, offering a simple command-line interface. Premium users can integrate their API key for more results. Ideal for penetration testers and cybersecurity researchers.
iamunixtz/JSNinja
JSNinja is a powerful tool designed for security researchers and developers looking to extract sensitive information and URLs from JavaScript files.
tomnomnom/unfurl
Pull out bits of URLs provided on stdin
faiyazahmad07/xss_vibes
A modern tool written in Python that automates your XSS findings.
kazet/wpgarlic
A proof-of-concept WordPress plugin fuzzer
spyboy-productions/CloakQuest3r
Uncover the true IP address of websites safeguarded by Cloudflare & Others
blackhatethicalhacking/SQLMutant
SQLMutant is a powerful SQL injection testing tool that includes both passive and active reconnaissance processes for any given domain. It filters URLs to identify those with parameters susceptible to SQL injection formats and then performs injection attacks. These attacks include pattern matching, error analysis, and timing attacks.
sqlmapproject/sqlmap
Automatic SQL injection and database takeover tool
bnematzadeh/LoggerPlusPlus-API-Filters
A comprehensive list of custom filters for Logger++ to identify various vulnerabilities in different API styles
trufflesecurity/trufflehog
Find, verify, and analyze leaked credentials
blackhatethicalhacking/TerminatorZ
TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in your web applications.
gmelodie/awesome-wordlists
A curated list of wordlists for bruteforcing and fuzzing
coffinxp/loxs
Best tool for finding SQLi, CRLF, XSS, LFI, OpenRedirect
linuxadi/40k-nuclei-templates
40,000+ Nuclei templates for security scanning and detection across diverse web applications and services
emadshanab/Nuclei-Templates-Collection
Nuclei Templates Collection
devanshbatham/ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
0xKayala/NucleiFuzzer
NucleiFuzzer is a powerful automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc. vulnerabilities in web applications
pwnwriter/haylxon
⚡ Blazing-fast tool to grab screenshots of your domain list right from terminal.
s0md3v/Arjun
HTTP parameter discovery suite.
xnl-h4ck3r/waymore
Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!
GerbenJavado/LinkFinder
A python script that finds endpoints in JavaScript files
tomnomnom/gf
A wrapper around grep, to help you grep for things
1ndianl33t/Gf-Patterns
GF Patterns for (ssrf, RCE, Lfi, sqli, ssti, idor, url redirection, debug_logic, interesting Subs) parameters grep
Sh1Yo/x8
Hidden parameters discovery suite
mandatoryprogrammer/xsshunter-express
An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!
iamunixtz/LazyXss
Automation tool to test and confirm the XSS vulnerability.
s0md3v/XSStrike
Most advanced XSS scanner.
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
XuVix/Monitoring_Bot
A simple bot for monitoring a server