muchmuchmuch

muchmuchmuch's Stars

• s0md3v/XSStrike

  Most advanced XSS scanner.

  Language:Python13.5k1.9k

• RenwaX23/XSSTRON

  Electron JS Browser To Find XSS Vulnerabilities Automatically

  Language:JavaScript686119

• 0xKayala/ParamSpider

  Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

  Language:Python13327

• dwisiswant0/awesome-oneliner-bugbounty

  A collection of awesome one-liner scripts especially for bug bounty tips.

  2.8k588

• bugbountyforum/XSS-Radar

  Language:JavaScript32448

• tomnomnom/qsreplace

  Accept URLs on stdin, replace all query string values with a user-supplied value

  Language:Go786125

• r0075h3ll/Oralyzer

  Open Redirection Analyzer

  Language:Python763105

• nytr0gen/deduplicate

  Remove duplicate urls from input

  Language:Go5420

• 1ndianl33t/Gf-Patterns

  GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep

  1.3k282

• tomnomnom/waybackurls

  Fetch all the URLs that the Wayback Machine knows about for a domain

  Language:Go3.6k479

• sa7mon/S3Scanner

  Scan for misconfigured S3 buckets across S3-compatible APIs!

  Language:Go2.6k376

• projectdiscovery/nuclei-templates

  Community curated list of templates for the nuclei engine to find security vulnerabilities.

  Language:JavaScript9.6k2.7k

• RustScan/RustScan

  🤖 The Modern Port Scanner 🤖

  Language:Rust15.4k1.1k

• vysecurity/DomLink

  A tool to link a domain with registered organisation names and emails, to other domains.

  Language:Python833141

• lc/gau

  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

  Language:Go4.1k463

• TakSec/chatgpt-prompts-bug-bounty

  ChatGPT Prompts for Bug Bounty & Pentesting

  56883

• sushiwushi/bug-bounty-dorks

  List of Google Dorks for sites that have responsible disclosure program / bug bounty program

  1.3k400

• splunk/attack_range

  A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

  Language:Jinja2.2k363

• epinna/tplmap

  Server-Side Template Injection and Code Injection Detection and Exploitation Tool

  Language:Python3.9k679

• jaeles-project/gospider

  Gospider - Fast web spider written in Go

  Language:Go2.6k317

• SigmaHQ/sigma

  Main Sigma Rule Repository

  Language:Python8.6k2.3k

• projectdiscovery/alterx

  Fast and customizable subdomain wordlist generator using DSL

  Language:Go76061

• projectdiscovery/naabu

  A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

  Language:Go4.9k565

• projectdiscovery/nuclei

  Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

  Language:Go21.9k2.6k

• projectdiscovery/dnsx

  dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.

  Language:Go2.2k247

• projectdiscovery/katana

  A next-generation crawling and spidering framework.

  Language:Go12.9k674

• nmap/nmap

  Nmap - the Network Mapper. Github mirror of official SVN repository.

  Language:C10.5k2.4k

• sqlmapproject/sqlmap

  Automatic SQL injection and database takeover tool

  Language:Python33.1k5.8k

• danielmiessler/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  Language:PHP60.2k24.1k

• Sh1Yo/x8

  Hidden parameters discovery suite

  Language:Rust1.8k158