l34r00t
Security Analyst | Infosec | Ethical Hacking | Penetration Testing | Geek |
Buenos Aires - Argentina
l34r00t's Stars
1N3/Sn1per
Attack Surface Management Platform
daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
ihebski/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
vavkamil/awesome-bugbounty-tools
A curated list of various bug bounty tools
r0oth3x49/ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
snoopysecurity/awesome-burp-extensions
A curated list of amazingly awesome Burp Extensions
vaib25vicky/awesome-mobile-security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
six2dez/OneListForAll
Rockyou for web fuzzing
xnl-h4ck3r/waymore
Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!
B3nac/Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
davidtavarez/pwndb
Search for leaked credentials
devploit/nomore403
Tool to bypass 403/40X response codes.
DERE-ad2001/Frida-Labs
The repo contains a series of challenges for learning Frida for Android Exploitation.
r3curs1v3-pr0xy/vajra
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
aufzayed/bugbounty
Bugbounty Resources
R-s0n/ars0n-framework
A Modern Framework for Bug Bounty Hunting
daffainfo/all-about-apikey
Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)
LevisWings/Auto-PWE
Script en Bash que te permite convertir una distribución de Linux en un entorno de trabajo profesional de manera automática.
aress31/openapi-parser
Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
cosad3s/postleaks
Search for sensitive data in Postman public library.
Ademking/repolist
Generate wordlists from Github repositories
dragonked2/Dons
Dons Js Scanner is a sleek command-line tool that hunts for hidden treasures—API keys, credentials, and secrets—lurking in the JavaScript of websites. Its vibrant ASCII art logo welcomes users to a journey where it scans, reveals, and safeguards against potential security breaches.
thomashartm/burp-aem-scanner
Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.
ViktorMares/ultimate_discovery
Ultimate Wordlist for Web Content Discovery
Ekultek/tadpole
Download files out of open AWS buckets
KingOfBugbounty/SecretFinder
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
BitTheByte/BitTraversal
Burpsuite Plugin to detect Directory Traversal vulnerabilities
fatguru/dorks
Here are some cool and some unpublished Dorks
Rffrench/wayfiles
Wayfiles is a tool designed to search for juicy files and URLs within a folder/file with results of tools like gau, waymore, waybackurls, etc.
lucsemassa/entrypoint_enum
Web Crawler for Identifying Entry Points