meetpatalia's Stars
coffinxp/customBsqli
coffinxp/lostools
Best tool for finding SQLi, XSS, LFI, Open Redirect
ahussam/url-tracker
Change monitoring app that checks the content of web pages in different periods.
Az0x7/vulnerability-Checklist
This repository contains a lot of web and API vulnerability checklists, and a lot of vulnerability ideas and tips from Twitter
dirtycoder0124/form_finder
This script can be used to find HTML forms in a list of endpoints/URLs.
mqst/gouge
Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp Suite
PhonePe/mantis
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
elkokc/reflector
Burp plugin able to find reflected XSS on a page in real time while browsing a site
Lu3ky13/Bypass-Reset-Password-Code-Lead-to-Account-Takeover
Bypass Reset Password Code Lead to Account Takeover
seed1337/CVE-2024-24919-POC
msoedov/agentic_security
Agentic LLM Vulnerability Scanner / AI red teaming kit
thecybertix/One-Liner-Collections
This repository contains a list of one-liners with descriptions and installation requirements
Stuub/CVE-2024-32640-SQLI-MuraCMS
CVE-2024-32640 | Automated SQLi Exploitation PoC
usdAG/cstc
CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
GJDuck/EnvFuzz
Fuzz anything with Program Environment Fuzzing
gehaxelt/Python-dsstore
A library for parsing .DS_Store files and extracting file names
lijiejie/ds_store_exp
A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.
trap-bytes/gourlex
Gourlex is a simple tool that can be used to extract URLs and paths from web pages.
ax/apk.sh
apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.
RevoltSecurities/Subdominator
SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty
tldrsec/awesome-secure-defaults
Awesome secure by default libraries to help you eliminate bug classes!
Hari-prasaanth/Thick-Client-Pentest-Checklist
An OWASP-Based Checklist With 80+ Test Cases
Tedixx/dmarc-subdomains
Tool to parse subdomains from dmarc.live
sarperavci/CloudflareBypassForScraping
A Cloudflare verification bypass script for web scraping
daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, etc.)
chiasmod0n/chiasmodon
Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials, CIDRs, ASNs, and subdomains. The tool also allows users to search by Google Play application ID.
berylliumsec/neutron
AI Powered Terminal Based Ethical Hacking Assistant
xscorp/jsmug
A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
xnl-h4ck3r/waymore
Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!
edoardottt/pphack
The Most Advanced Client-Side Prototype Pollution Scanner