mjasec
Exploring the fascinating intersection of security, technology, and humans.
Unsupervised LearningTehran, Iran
mjasec's Stars
trimstray/the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
nvm-sh/nvm
Node Version Manager - POSIX-compliant bash script to manage multiple active node.js versions
FallibleInc/security-guide-for-developers
Security Guide for Developers (实用性开发人员安全须知)
smicallef/spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
maurosoria/dirsearch
Web path scanner
OWASP/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
blacklanternsecurity/bbot
The recursive internet scanner for hackers. 🧡
pry0cc/axiom
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
Qianlitp/crawlergo
A powerful browser crawler for web vulnerability scanners
dwisiswant0/awesome-oneliner-bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.
devanshbatham/ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
ssl/ezXSS
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
HolyBugx/HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
0xPugal/One-Liners
A collection of one-liners for bug bounty hunting.
yeswehack/PwnFox
PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.
disclose/diodb
Open-source vulnerability disclosure and bug bounty program database
iphelix/dnschef
DNSChef - DNS proxy for Penetration Testers and Malware Analysts
0xZDH/o365spray
Username enumeration and password spraying tool aimed at Microsoft O365.
xnl-h4ck3r/XnlReveal
A Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements.
reconness/reconness
ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
g0ldencybersec/gungnir
CT Log Scanner
appsecco/using-docker-kubernetes-for-automating-appsec-and-osint-workflows
Repository for all the workshop content delivered at nullcon X on 1st of March 2019
ViktorMares/ultimate_discovery
Ultimate Wordlist for Web Content Discovery
ssl/shortboost
Unicode characters that will translate a single character to multiple characters in domain names or TLD's
0xZDH/burp-password-spray
This extension allows a user to specify a lockout policy in order to automate a password spray attack via Intruder.
byt3bl33d3r/log4j-scan
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
AmirhosseinBidokhti/assetWatcher
A tool to notify you of the latest changes in bug bounty programs.
AmirhosseinBidokhti/scopeNotifier
Getting the latest scopes (domains that are eligible for bug bounty reports) of top bug bounty platforms such as H1, Bugcrowd, and more
MR-ZHEEV/Payload-pantest
payload
vin01/dns-over-https-proxy
A simple dns-over-https proxy for testing