Pinned Repositories
awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Beginners-Guide-to-Obfuscation
noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
Wordlists-2
A collection of wordlists for many different usages.
slooppe's Repositories
slooppe/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
slooppe/Anubis
Subdomain enumeration and information gathering tool
slooppe/AssetViz
AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration testers and bug bounty hunters conducting reconnaissance, AssetViz provides intuitive insights into domain structures for informed decision-making.
slooppe/AuthzAI
slooppe/awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
slooppe/BGPalerter
BGP and RPKI monitoring tool. Pre-configured for real-time detection of visibility loss, RPKI invalid announcements, hijacks, ROA misconfiguration, and more.
slooppe/cent
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
slooppe/dead-domain-discovery
This Chromium extension scans the page for external iFrames, Scripts, and Styles, logs them to the console, and checks if their domains are resolvable.
slooppe/domloggerpp
A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.
slooppe/durl
Remove duplicate URLs by retaining only the unique combinations of hostname, path, and parameter names
slooppe/GoMapEnum
User enumeration and password bruteforce on Azure, ADFS, OWA, O365 and gather emails on Linkedin
slooppe/Graphpython
Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit
slooppe/GraphSpy
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
slooppe/json-cleaner
The utility aims to clean up output generated by popular tools by calculating a hash based on specific JSON values to removing junk data.
slooppe/nuclei-wordfence-cve
You just found a hidden gem 💎
slooppe/opencti
Open Cyber Threat Intelligence Platform
slooppe/programs-watcher
A Python script designed to monitor bug bounty programs for any changes and promptly notify users.
slooppe/ShadowClone
Unleash the power of cloud
slooppe/sj
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
slooppe/slooppe.github.io
slooppe/spk
spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization.
slooppe/SteppingStones
A Red Team Activity Hub
slooppe/Subdominator
The Internets #1 Subdomain Takeover Tool
slooppe/Subdominator2
SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty
slooppe/tldfinder
A streamlined tool for discovering TLDs, associated domains, and related domain names.
slooppe/TokenTactics
Azure JWT Token Manipulation Toolset
slooppe/Typo3Scan
Enumerate Typo3 version and extensions
slooppe/waymore
Find way more from the Wayback Machine!
slooppe/webcopilot
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
slooppe/whoxyrm
A reverse whois tool based on Whoxy API.