nutthanonn

nutthanonn's Stars

• projectdiscovery/katana

  A next-generation crawling and spidering framework.

  Language:Go10.6k89275554

• 0xk1h0/ChatGPT_DAN

  ChatGPT DAN, Jailbreaks prompt

  6.2k17179577

• EdOverflow/bugbounty-cheatsheet

  A list of interesting payloads, tips and tricks for bug bounty hunters.

  5.7k23751.5k

• blacklanternsecurity/bbot

  A recursive internet scanner for hackers.

  Language:Python4.2k33738379

• tomnomnom/waybackurls

  Fetch all the URLs that the Wayback Machine knows about for a domain

  Language:Go3.3k6442451

• projectdiscovery/interactsh

  An OOB interaction gathering server and client library

  Language:Go3.2k41185347

• Pennyw0rth/NetExec

  The Network Execution Tool

  Language:Python2.7k23127278

• kozmer/log4j-shell-poc

  A Proof-Of-Concept for the CVE-2021-44228 vulnerability.

  Language:Python1.8k270526

• WADComs/WADComs.github.io

  WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.

  Language:HTML1.4k391162

• stealthcopter/deepce

  Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)

  Language:Shell1.2k1125102

• CravateRouge/bloodyAD

  BloodyAD is an Active Directory Privilege Escalation Framework

  Language:Python1.1k1340111

• elkokc/reflector

  Burp plugin able to find reflected XSS on page in real-time while browsing on site

  Language:Java1.1k3319162

• caido/caido

  🚀 Caido releases, wiki and roadmap

  Language:TypeScript999181.1k41

• TrimarcJake/Locksmith

  A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.

  Language:PowerShell776143372

• m8sec/subscraper

  Subdomain and target enumeration tool built for offensive security testing

  Language:Python77229997

• taviso/rbndr

  Simple DNS Rebinding Service

  Language:C607161080

• honoki/bbrf-client

  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices

  Language:Python598259890

• n0kovo/n0kovo_subdomains

  An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.

  4953165

• Quitten/doser.go

  DoS tool for HTTP requests (inspired by hulk but has more functionalities)

  Language:Go437214172

• gotr00t0day/spyhunt

  recon for bug hunters

  Language:Python33562872

• kevin-mizu/domloggerpp

  A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

  Language:JavaScript32751128

• sarperavci/CloudflareBypassForScraping

  A cloudflare verification bypass script for webscraping

  Language:Python28551043

• hackthebox/cyber-apocalypse-2024

  Official writeups for Cyber Apocalypse CTF 2024: Hacker Royale

  Language:Python1535030

• leetCipher/bug-bounty-labs

  All the labs in this repository simulate real world bugs I found in the wild

  Language:Python1536255

• hackvertor/blind-css-exfiltration

  Language:HTML82207

• whitehat-zero/PowEnum

  Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.

  Language:PowerShell675017

• bhaveshk90/Content-Security-Policy-CSP-Bypass-Techniques

  Content-Security-Policy (CSP) Bypass Techniques

  35106

• user0x1337/CVE-2022-39227

  CVE-2022-39227 : Proof of Concept

  Language:Python19101

• takabaya-shi/LFI2RCE

  LFI to RCE tool.

  Language:Python14104

• d0rb/CVE-2023-42931

  The exploit targets a critical privilege escalation vulnerability in macOS versions Monterey, Ventura, and Sonoma.

  Language:Python3110