shamrocksu88's Repositories
shamrocksu88/Arjun
HTTP parameter discovery suite.
shamrocksu88/awesome-shodan-queries
🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/ 👩💻
shamrocksu88/bugbounty-resources
shamrocksu88/client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
shamrocksu88/cve-2019-19781
This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.
shamrocksu88/ffuf
Fast web fuzzer written in Go
shamrocksu88/findomain
The fastest and cross-platform subdomain enumerator, don't waste your time.
shamrocksu88/firefox-ios
Firefox for iOS
shamrocksu88/fockcache
FockCache - Minimalized Test Cache Poisoning
shamrocksu88/GAP-Burp-Extension
Burp Extensions
shamrocksu88/google-10000-english
This repo contains a list of the 10,000 most common English words in order of frequency, as determined by n-gram frequency analysis of the Google's Trillion Word Corpus.
shamrocksu88/GraphQLmap
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.
shamrocksu88/graphquail
Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
shamrocksu88/Insecure-Firebase-Exploit
A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase db.
shamrocksu88/leaky-paths
A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
shamrocksu88/masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
shamrocksu88/nmap
Detectar vulnerabilidades de Path traversal con nmap
shamrocksu88/pathbrute
Pathbrute
shamrocksu88/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
shamrocksu88/pentest-tools
Custom pentesting tools
shamrocksu88/Photon
Incredibly fast crawler designed for OSINT.
shamrocksu88/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
shamrocksu88/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
shamrocksu88/shhgit
Ah shhgit! Find GitHub secrets in real time
shamrocksu88/sitedorks
Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with different websites. A default list is already provided.
shamrocksu88/smuggler
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
shamrocksu88/subjs
Fetches javascript file from a list of URLS or subdomains.
shamrocksu88/tools
shamrocksu88/totalrecon
TotalRecon installs all the recon tools you need
shamrocksu88/turbo-intruder
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.