pranav1hivarekar's Stars
banjtheman/chataws
A ChatGPT plugin that allows users to create websites and Lambda functions using ChatGPT
latentcat/qrbtf
AI & parametric QR code generator. AI & 参数化二维码生成器。https://qrbtf.com
dair-ai/Prompt-Engineering-Guide
🐙 Guides, papers, lecture, notebooks and resources for prompt engineering
vinothsparrow/iframe-broker
Extension to log iframe and cross window communications.
anshumanbh/tko-subs
A tool that can help detect and takeover subdomains with dead DNS records
reddelexc/hackerone-reports
Top disclosed reports from HackerOne
streaak/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
wkhtmltopdf/wkhtmltopdf
Convert HTML to PDF using Webkit (QtWebKit)
minimaxir/big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
orangetw/Tiny-URL-Fuzzer
A tiny and cute URL fuzzer
Voulnet/desharialize
allanlw/svg-cheatsheet
A cheatsheet for exploiting server-side SVG processors.
internetwache/GitTools
A repository with 3 tools for pwn'ing websites with .git repositories available
incredibleindishell/SSRF_Vulnerable_Lab
This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
LinkedInAttic/jaqen
Jaqen - Simple DNS rebinding
nccgroup/singularity
A DNS rebinding attack framework.
basecamp/xip-pdns
PowerDNS pipe backend adapter powering xip.io
makuga01/dnsFookup
DNS rebinding toolkit
jdonsec/AllThingsSSRF
This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
eth0izzle/shhgit
Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.
anshumanbh/terraform-burp-collaborator
Terraform configuration to build a Burp Private Collaborator Server
viperbluff/Firebase-Extractor
A tool written in python for scraping firebase data
securityidiots/CollabOzark
CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.
knownsec/pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Findomain/Findomain
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
nixawk/pentest-wiki
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
OWASP/API-Security
OWASP API Security Project
OWASP/ASVS
Application Security Verification Standard
exploitprotocol/awesome-security
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
GitGuardian/APISecurityBestPractices
Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.