nagaxor's Stars
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
chubin/cheat.sh
the only cheat sheet you need
TheKingOfDuck/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
Kozea/WeasyPrint
The awesome document factory
j3ssie/osmedeus
A Workflow Engine for Offensive Security
euske/pdfminer
Python PDF Parser (Not actively maintained). Check out pdfminer.six.
blacklanternsecurity/bbot
A recursive internet scanner for hackers.
epinna/tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
gwen001/pentest-tools
A collection of custom security tools for quick needs.
swisskyrepo/SSRFmap
Automatic SSRF fuzzer and exploitation tool
joaomatosf/jexboss
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
luijait/DarkGPT
DarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.
m4ll0k/SecretFinder
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
jordanpotti/AWSBucketDump
Security Tool to Look For Interesting Files in S3 Buckets
bitquark/shortscan
An IIS short filename enumeration tool
dwisiswant0/ppfuzz
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
s0md3v/Parth
Heuristic Vulnerable Parameter Scanner
R-s0n/ars0n-framework
A Modern Framework for Bug Bounty Hunting
hakluke/hakip2host
hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.
neex/ffmpeg-avi-m3u-xbin
pr0cf5/kernel-exploit-practice
repository for kernel exploit practice
americo/sqlifinder
SQL Injection Vulnerability Scanner made with Python
tijme/angularjs-csti-scanner
Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.
SAPT01/HBSQLI
Automated Tool for Testing Header Based Blind SQL Injection
danialhalo/SqliSniper
Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers
Ebryx/GitDump
A pentesting tool that dumps the source code from .git even when the directory traversal is disabled
W01fh4cker/CVE-2023-46747-RCE
exploit for f5-big-ip RCE cve-2023-46747
neex/ghostinthepdf
HernanRodriguez1/SQLi_Sleeps
faiyazahmad07/WEBSTER
A modern tool written in python for hunting open redirection