Pinned Repositories
assetfinder
Find domains and subdomains related to a given domain
crt.sh
(Unofficial) Python API for https://crt.sh
httprobe
Take a list of domains and probe for working HTTP and HTTPS servers
MANSPIDER
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
meg
Fetch many paths for many hosts - without killing the hosts
RedEye-1
RedEye is a visual analytic tool supporting Red & Blue Team operations
SecretScanner
Find secrets and passwords in container images and file systems
Utils
A collection of hacks and one-off scripts
waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
sec99's Repositories
sec99/go-auxs
Collection of auxiliary command line tools
sec99/AllVideoPocsFromHackerOne
This script grab public report from hacker one and make some folders with poc videos
sec99/bypass-paywalls-chrome
Bypass Paywalls web browser extension for Chrome and Firefox.
sec99/sublert
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
sec99/aem-hacker
sec99/sharkjack-payloads
The Official Hak5 Shark Jack Payload Repository
sec99/Spring-Boot-Vulnerability
sec99/WitnessMe
Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
sec99/Nmap-Scan-to-CSV
Converts Nmap XML output to csv file, and other useful functions
sec99/GHunt
🕵️♂️ Investigate Google Accounts with emails.
sec99/inetdata
Internet data acquisition
sec99/sns
IIS shortname scanner written in Go
sec99/obs-StreamFX
Bring your stream to life with modern effects! Blur, 3D Transformation, advanced Color Grading, and more - all for free.
sec99/headi
Customisable and automated HTTP header injection
sec99/MobaXterm-Decryptor
MobaXterm Decryptor
sec99/Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
sec99/BurpSuite_403Bypasser
Burpsuite Extension to bypass 403 restricted directory
sec99/proxify
Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation and replay
sec99/notify
Notify is a helper utility written in Go that allows you to pull results from burp collaborator instances and post them to Slack and Discord.
sec99/twint
An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.
sec99/viewgen
viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
sec99/lazyrecon
This script is intended to automate your reconnaissance process in an organized fashion
sec99/cloudlist
Cloudlist is a tool for listing Assets from multiple Cloud Providers.
sec99/Depix
Recovers passwords from pixelized screenshots
sec99/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
sec99/ImHex
A Hex Editor for Reverse Engineers, Programmers and people that value their eye sight when working at 3 AM.
sec99/goverview
goverview - Get overview about list of URLs
sec99/nmapAutomator
A script that you can run in the background!
sec99/Reconizer
sec99/Burp2Slack
Push notifications to Slack channel or to custom server based on BurpSuite response conditions.