mmirnosir

mmirnosir's Stars

• jivoi/awesome-osint

  :scream: A curated list of amazingly awesome OSINT

  19.6k663962.9k

• s0md3v/Arjun

  HTTP parameter discovery suite.

  Language:Python5.3k87148801

• streaak/keyhacks

  Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

  5.2k108631.1k

• hahwul/WebHackersWeapons

  ⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

  Language:Ruby3.9k13231686

• GerbenJavado/LinkFinder

  A python script that finds endpoints in JavaScript files

  Language:Python3.8k6781606

• arkadiyt/bounty-targets-data

  This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

  3.2k2390589

• Bo0oM/fuzz.txt

  Potentially dangerous files

  2.9k8715493

• jaeles-project/jaeles

  The Swiss Army knife for automated Web Application Testing

  Language:Go2.2k8051322

• xnl-h4ck3r/waymore

  Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!

  Language:Python1.8k1648206

• m4ll0k/BBTz

  BBT - Bug Bounty Tools (examples💡)

  Language:Python1.7k619475

• galkan/crowbar

  Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.

  Language:Python1.4k6552316

• 1ndianl33t/Gf-Patterns

  GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep

  1.2k2811281

• s0md3v/uro

  declutters url lists for crawling/pentesting

  Language:Python1.2k1835149

• Karanxa/Bug-Bounty-Wordlists

  A repository that includes all the important wordlists used while bug hunting.

  1.2k271334

• andresriancho/enumerate-iam

  Enumerate the permissions associated with AWS credential set

  Language:Python1.1k1711177

• chrislockard/api_wordlist

  A wordlist of API names for web application assessments

  767153217

• zigoo0/JSONBee

  A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.

  Language:PHP681202108

• KathanP19/Gxss

  A tool to check a bunch of URLs that contain reflecting params.

  Language:Go54581881

• kevin-mizu/domloggerpp

  A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

  Language:JavaScript49392251

• Josue87/gotator

  Gotator is a tool to generate DNS wordlists through permutations.

  Language:Go46361256

• Escape-Technologies/graphql-wordlist

  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.

  Language:TypeScript3385236

• PortSwigger/burp-extensions-montoya-api

  Burp Extensions Api

  Language:Java1487875

• danielmiessler/Source2URL

  Parse source code directories and output list of URLs that are then sent through a proxy.

  14110037

• PortSwigger/burp-extensions-montoya-api-examples

  Examples for using the Montoya API with Burp Suite

  Language:Java1205214

• doyensec/CSPTBurpExtension

  CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.

  Language:Java115518

• shreyaschavhan/python-for-awae

  Python for AWAE (Advanced Web Attacks and Exploitation)

  Language:Python924115

• ViktorMares/ultimate_discovery

  Ultimate Wordlist for Web Content Discovery

  631115

• CDThomas/graphql-json-to-sdl

  A command line utility for converting a JSON GraphQL schema to GraphQL SDL

  Language:TypeScript30214

• floft/dhcp-spoof

  simulate DHCP spoofing on a virtual network using Mininet

  Language:Python8206

• OmarKhaled511/Bate5a

  2100