njcve

njcve's Stars

• edoardottt/awesome-hacker-search-engines

  A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

  Language:Shell7.6k118109719

• KathanP19/HowToHunt

  Collection of methodology and test case for various web vulnerabilities.

  6.1k277181.7k

• streaak/keyhacks

  Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

  5k106631k

• KasperskyLab/TinyCheck

  TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs). In order to make it working, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is to use a Raspberry Pi (2+) a Wi-Fi dongle and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere.

  Language:Python3.1k8184222

• r0oth3x49/ghauri

  An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

  Language:Python3k39165299

• odedshimon/BruteShark

  Network Analysis Tool

  Language:C#3k9868330

• bellingcat/octosuite

  GitHub Data Analysis Framework.

  Language:Python1.8k298161

• danieldurnea/FBI-tools

  🕵️ OSINT Tools for gathering information and actions forensics 🕵️

  1.7k382254

• xnl-h4ck3r/waymore

  Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!

  Language:Python1.7k1545193

• Sh1Yo/x8

  Hidden parameters discovery suite

  Language:Rust1.7k2453148

• Dec0ne/KrbRelayUp

  KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

  Language:C#1.5k2323202

• n0kovo/n0kovo_subdomains

  An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.

  5293171

• pwnfoo/NTLMRecon

  Enumerate information from NTLM authentication enabled web endpoints 🔎

  Language:Python46313868

• w9w/JSA

  Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.

  Language:Python3865869

• edoardottt/csprecon

  Discover new target domains using Content Security Policy

  Language:Go3666943

• Th0h0/autossrf

  Smart context-based SSRF vulnerability scanner.

  Language:Python3232441

• sensepost/Frack

  Frack - Keep and Maintain your breach data

  Language:Python3077126

• patrickhener/goshs

  A SimpleHTTPServer written in Go, enhanced with features and with a nice design - https://goshs.de

  Language:Go27564822

• lauritzh/domscan

  Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.

  Language:JavaScript21221129

• j3ssie/goverview

  goverview - Get an overview of the list of URLs

  Language:Go1435224

• midoxnet/mapperplus

  MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.

  Language:JavaScript1151212

• wdahlenburg/VhostFinder

  Identify virtual hosts by similarity comparison

  Language:Go1142420

• xnl-h4ck3r/LookMark

  A browser bookmark to show hidden fields and enable disabled fields on a web page

  17202

• vitorfhc/spammer

  Request every path for every host

  Language:Go12202

• JeppW/npm-dependency-confusion-poc

  Simple PoC package for testing for dependency confusion vulnerabilities.

  Language:JavaScript92