shamrocksu88

shamrocksu88's Repositories

• shamrocksu88/Arjun

  HTTP parameter discovery suite.

  Language:Python10

• shamrocksu88/awesome-shodan-queries

  🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/ 👩‍💻

  10

• shamrocksu88/bugbounty-resources

• shamrocksu88/client-side-prototype-pollution

  Prototype Pollution and useful Script Gadgets

• shamrocksu88/cve-2019-19781

  This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.

• shamrocksu88/ffuf

  Fast web fuzzer written in Go

  Language:Go10

• shamrocksu88/findomain

  The fastest and cross-platform subdomain enumerator, don't waste your time.

• shamrocksu88/firefox-ios

  Firefox for iOS

• shamrocksu88/fockcache

  FockCache - Minimalized Test Cache Poisoning

• shamrocksu88/GAP-Burp-Extension

  Burp Extensions

• shamrocksu88/google-10000-english

  This repo contains a list of the 10,000 most common English words in order of frequency, as determined by n-gram frequency analysis of the Google's Trillion Word Corpus.

• shamrocksu88/GraphQLmap

  GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.

• shamrocksu88/graphquail

  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.

  Language:Java10

• shamrocksu88/Insecure-Firebase-Exploit

  A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase db.

• shamrocksu88/leaky-paths

  A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

  10

• shamrocksu88/masscan

  TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

• shamrocksu88/nmap

  Detectar vulnerabilidades de Path traversal con nmap

• shamrocksu88/pathbrute

  Pathbrute

• shamrocksu88/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

• shamrocksu88/pentest-tools

  Custom pentesting tools

  Language:Python10

• shamrocksu88/Photon

  Incredibly fast crawler designed for OSINT.

• shamrocksu88/reconftw

  reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

• shamrocksu88/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

• shamrocksu88/shhgit

  Ah shhgit! Find GitHub secrets in real time

• shamrocksu88/sitedorks

  Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with different websites. A default list is already provided.

  Language:Python10

• shamrocksu88/smuggler

  Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3

• shamrocksu88/subjs

  Fetches javascript file from a list of URLS or subdomains.

• shamrocksu88/tools

• shamrocksu88/totalrecon

  TotalRecon installs all the recon tools you need

• shamrocksu88/turbo-intruder

  Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.