Pinned Repositories
10-Reset-Password-Flaws
10 Reset Password Flaws Based on Web Application Security
AllAboutBugBounty
All about bug websites (bypasses, payloads, etc.)
APAC-Firms
A list of Information Security firms operating in the Asia-Pacific region, and where student intake opportunities can be found.
Astra
Automated Security Testing For REST APIs
Auto-Enum
This is a script that runs an auto-enumeration on all the well known OWASP vulnerabilities. Primarily for low-hanging fruit in Bug Bounties. Primarily successful with XSS/SQLI and XXE vulnerabilities. Not very fluid with headers/cookies.
autopoisoner
Web cache poisoning vulnerability scanner.
autoredirect
Smart and efficient tool to automate open redirect detection at scale.
autossrf
Smart context-based SSRF vulnerability scanner.
Tempus
Project Tempus is a recon automation script for bug bounty hunters and penetration testers to assist in the 1st phase of the cyber kill chain
saurabh96216's Repositories
saurabh96216/Auto-Enum
This is a script that runs an auto-enumeration on all the well known OWASP vulnerabilities. Primarily for low-hanging fruit in Bug Bounties. Primarily successful with XSS/SQLI and XXE vulnerabilities. Not very fluid with headers/cookies.
saurabh96216/autopoisoner
Web cache poisoning vulnerability scanner.
saurabh96216/autoredirect
Smart and efficient tool to automate open redirect detection at scale.
saurabh96216/autossrf
Smart context-based SSRF vulnerability scanner.
saurabh96216/Bug-Bounty-Automation
saurabh96216/burp-auto-gql
A plugin for Burp Suite Pro that uses the GraphQL schema to begin Active Scanning the entire endpoint.
saurabh96216/crest-cpsa
Project to train for CREST CPSA exam
saurabh96216/crlfi
CRLF Bug scanner for WebPentesters and Bugbounty Hunters
saurabh96216/crlfuzz
A fast tool to scan CRLF vulnerability written in Go
saurabh96216/dnstake
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
saurabh96216/Domain2IP-Converter
Convert domain lists to resolved IPs without duplicates, useful for strong large recon, and Bug Bounty
saurabh96216/Logsensor
A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning
saurabh96216/MXS
A powerful asynchronous XSS scanner supporting up to 1,500 concurrent requests.
saurabh96216/nowafpls
Burp Plugin to Bypass WAFs through the insertion of Junk Data
saurabh96216/Nuclei-bug-hunter
I will upload more templates here to share with the community.
saurabh96216/nuclei-templates
My own Custom nuclei templates
saurabh96216/OpenRedirector
OpenRedirector is a powerful automation tool for detecting Open Redirect vulnerabilities in web applications
saurabh96216/password-list
Password lists with top passwords to optimize bruteforce attacks
saurabh96216/priv8-Nuclei
This repo contains all nuclei templates for particular vulnerabilities that I used mostly while hunting.
saurabh96216/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
saurabh96216/sessionprobe
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
saurabh96216/SQLiDetector
Simple Python script supported with a BurpBounty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.
saurabh96216/SQLiSpotter
SQLiProbe is a Bash script designed to automate the testing of URLs for error-based SQL injection vulnerabilities on bulk URLs.
saurabh96216/ssrfuzzer
Parameter fuzzer for finding hidden parameters and SSRF. Useful for bug bounty or external pentest.
saurabh96216/Subenum_deep_subdomain_enumeration
In this repo, I have created a subdomain enumeration function that grabs subdomains in depth.
saurabh96216/TerminatorZ
TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in your web applications.
saurabh96216/VEnum
Subdomain Enumeration Tool is a Bash script designed to automate subdomain enumeration and analysis.
saurabh96216/Wordpresscan
WPScan rewritten in Python + some WPSeku ideas
saurabh96216/xray
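A full-featured security assessment tool that supports scanning for common web security issues and custom PoCs | Be sure to read the documentation before use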
saurabh96216/Xss_scanner_web
Simple XSS scanner