mass0ma's Stars
ihebski/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
ticarpi/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
techgaun/github-dorks
Find leaked secrets via github search
sa7mon/S3Scanner
Scan for misconfigured S3 buckets across S3-compatible APIs!
GrrrDog/weird_proxies
Reverse proxies cheatsheet
BlackFan/client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
httpvoid/writeups
authomatic/authomatic
Simple yet powerful authorization / authentication client library for Python web applications.
fransr/postMessage-tracker
A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
hahwul/jwt-hack
🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)
robre/jsmon
a javascript change monitoring tool for bugbounties
dolevf/graphw00f
graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
neex/http2smugl
lwzSoviet/NoXss
Faster xss scanner,support reflected-xss and dom-xss
theinfosecguy/QuickXSS
Automating XSS using Bash
ahussam/url-tracker
Change monitoring app that checks the content of web pages in different periods.
x1ddos/simpleauth
Simple authentication for Python on Google App Engine supporting OAuth 2.0, OAuth 1.0(a) and OpenID
teknogeek/ssrf-sheriff
A simple SSRF-testing sheriff written in Go
0xDexter0us/Scavenger
Burp extension to create target specific and tailored wordlist from burp history.
ngalongc/openapi_security_scanner
0xDexter0us/Log4J-Scanner
Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth.
0xbharath/slurp
A blazing fast & feature rich Amazon S3 bucket enumerator.
clarkvoss/AEM-List
un4gi/dirtywords
A targeted word list generation tool
war-and-code/akamai-arl-hack
Script to test open Akamai ARL vulnerability.
themarkib/google-acquisitions
Most of the Google Acquisitions for Bug Bounty Hunter.
Regala/burp-subdomains
Burp Suite extension to easily export sub domains
Regala/burp-graphql-logger
Burp Suite extension to log GraphQL operations as a comment
Static-Flow/BurpSuiteAutoRepeaterNaming
This extension replaces the default repeater tab name with the URL path of the repeater request.
no-criminality/idea-python
Python implementation of the IDEA encryption algorithm