Pinned Repositories
awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Awesome-Red-Teaming
List of Awesome Red Teaming Resources
Beginners-Guide-to-Obfuscation
noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
Wordlists-2
A collection of wordlists for many different usages.
slooppe's Repositories
slooppe/AssetViz
AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration testers and bug bounty hunters conducting reconnaissance, AssetViz provides intuitive insights into domain structures for informed decision-making.
slooppe/attack-navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
slooppe/awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
slooppe/crossfeed
External monitoring for organization assets
slooppe/durl
Remove duplicate URLs by retaining only the unique combinations of hostname, path, and parameter names
slooppe/excalibur
Pivot from a Twitter profile to Medium, Product Hunt, Mastodon, and more with OSINT
slooppe/find-s3-account
Sample code for finding AWS Account ID of an S3 bucket.
slooppe/gal
Get all possible href | src | url from target url or domain
slooppe/gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
slooppe/github-secrets
This tool analyzes a given Github repository and searches for dangling or force-pushed commits containing potential secret or interesting information.
slooppe/godeclutter
Declutters URLs in a fast and flexible way, for improving input for web hacking automations such as crawlers and vulnerability scans.
slooppe/GraphSpy
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
slooppe/gungnir
CT Log Scanner
slooppe/hacktricks-cloud
slooppe/jsmug
A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
slooppe/json-cleaner
The utility aims to clean up output generated by popular tools by calculating a hash based on specific JSON values to removing junk data.
slooppe/Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
slooppe/OFFAT
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
slooppe/opencti
Open Cyber Threat Intelligence Platform
slooppe/programs-watcher
A Python script designed to monitor bug bounty programs for any changes and promptly notify users.
slooppe/rextract
CLI tool that extracts a regex pattern from a list of urls ( Rust )
slooppe/slooppe.github.io
slooppe/TokenTactics
Azure JWT Token Manipulation Toolset
slooppe/toxicache
Go scanner to find web cache poisoning vulnerabilities in a list of URLs
slooppe/uddup
Urls de-duplication tool for better recon.
slooppe/unew
A tool for append URLs, skipping duplicates & combine parameters.
slooppe/uniqurl
Use uniqurl to filter only unique content from a list of URLs with stdin, making it usable within piped commands
slooppe/waymore
Find way more from the Wayback Machine!
slooppe/wpgarlic
A proof-of-concept WordPress plugin fuzzer
slooppe/xurls
Extract urls from text