mass0ma

mass0ma's Stars

• ihebski/DefaultCreds-cheat-sheet

  One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

  Language:Python5.5k8816678

• ticarpi/jwt_tool

  :snake: A toolkit for testing, tweaking and cracking JSON Web Tokens

  Language:Python5.3k6578665

• techgaun/github-dorks

  Find leaked secrets via github search

  Language:Python2.8k9322584

• sa7mon/S3Scanner

  Scan for misconfigured S3 buckets across S3-compatible APIs!

  Language:Go2.5k65140360

• GrrrDog/weird_proxies

  Reverse proxies cheatsheet

  Language:Python1.8k585205

• BlackFan/client-side-prototype-pollution

  Prototype Pollution and useful Script Gadgets

  1.4k417196

• httpvoid/writeups

  1.2k783175

• authomatic/authomatic

  Simple yet powerful authorization / authentication client library for Python web applications.

  Language:Python1k33124388

• fransr/postMessage-tracker

  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon

  Language:JavaScript1k365144

• hahwul/jwt-hack

  🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

  Language:Go7531618101

• robre/jsmon

  a javascript change monitoring tool for bugbounties

  Language:Python577151083

• dolevf/graphw00f

  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

  Language:Python53971564

• neex/http2smugl

  Language:Go527161572

• lwzSoviet/NoXss

  Faster xss scanner,support reflected-xss and dom-xss

  Language:Python4435871

• theinfosecguy/QuickXSS

  Automating XSS using Bash

  Language:Shell3469662

• ahussam/url-tracker

  Change monitoring app that checks the content of web pages in different periods.

  Language:JavaScript339121156

• x1ddos/simpleauth

  Simple authentication for Python on Google App Engine supporting OAuth 2.0, OAuth 1.0(a) and OpenID

  Language:Python327433561

• teknogeek/ssrf-sheriff

  A simple SSRF-testing sheriff written in Go

  Language:Go31015256

• 0xDexter0us/Scavenger

  Burp extension to create target specific and tailored wordlist from burp history.

  Language:Kotlin2272126

• ngalongc/openapi_security_scanner

  Language:Python1656138

• 0xDexter0us/Log4J-Scanner

  Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth.

  Language:Kotlin1017027

• 0xbharath/slurp

  A blazing fast & feature rich Amazon S3 bucket enumerator.

  Language:Go942024

• clarkvoss/AEM-List

  872020

• un4gi/dirtywords

  A targeted word list generation tool

  Language:Go763111

• war-and-code/akamai-arl-hack

  Script to test open Akamai ARL vulnerability.

  Language:Python702216

• themarkib/google-acquisitions

  Most of the Google Acquisitions for Bug Bounty Hunter.

  59307

• Regala/burp-subdomains

  Burp Suite extension to easily export sub domains

  Language:Python442015

• Regala/burp-graphql-logger

  Burp Suite extension to log GraphQL operations as a comment

  Language:Python23202

• Static-Flow/BurpSuiteAutoRepeaterNaming

  This extension replaces the default repeater tab name with the URL path of the repeater request.

  Language:Java22313

• no-criminality/idea-python

  Python implementation of the IDEA encryption algorithm

  Language:Python310