nagaxor's Stars
shieldfy/API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
ffuf/ffuf
Fast web fuzzer written in Go
owasp-amass/amass
In-depth attack surface mapping and asset discovery
s0md3v/Photon
Incredibly fast crawler designed for OSINT.
projectdiscovery/subfinder
Fast passive subdomain enumeration tool.
projectdiscovery/httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
six2dez/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
s0md3v/AwesomeXSS
Awesome XSS stuff
cloudflare/flan
A pretty sweet vulnerability scanner
RetireJS/retire.js
scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
zan8in/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
projectdiscovery/interactsh
An OOB interaction gathering server and client library
r0oth3x49/ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
christophetd/CloudFlair
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
jaeles-project/gospider
Gospider - Fast web spider written in Go
infosec-au/altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
jaeles-project/jaeles
The Swiss Army knife for automated Web Application Testing
terjanq/Tiny-XSS-Payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
1N3/BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
0xmaximus/Galaxy-Bugbounty-Checklist
Tips and Tutorials for Bug Bounty and also Penetration Tests.
Karanxa/Bug-Bounty-Wordlists
A repository that includes all the important wordlists used while bug hunting.
NafisiAslH/KnowledgeSharing
Hackmanit/Web-Cache-Vulnerability-Scanner
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
robotshell/magicRecon
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
musana/fuzzuli
fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
RenwaX23/XSSTRON
Electron JS Browser To Find XSS Vulnerabilities Automatically
knassar702/scant3r
ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )
twseptian/oneliner-bugbounty
oneliner commands for bug bounties
Cyber-Guy1/Subdomainer
Automated tool for domains & subdomains gathering
mrco24/OK-VPS
Bug Bounty Vps Setup Tools