soerlemans's Stars
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
git/git
Git Source Code Mirror - This is a publish-only repository but pull requests can be turned into patches to the mailing list via GitGitGadget (https://gitgitgadget.github.io/). Please follow Documentation/SubmittingPatches procedure for any of your improvements.
projectdiscovery/nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
HigherOrderCO/Bend
A massively parallel, high-level programming language
ffuf/ffuf
Fast web fuzzer written in Go
zaproxy/zaproxy
The ZAP by Checkmarx Core project
projectdiscovery/katana
A next-generation crawling and spidering framework.
owasp-amass/amass
In-depth attack surface mapping and asset discovery
htr-tech/zphisher
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
beefproject/beef
The Browser Exploitation Framework Project
instaloader/instaloader
Download pictures (or videos) along with their captions and other metadata from Instagram.
aemkei/jsfuck
Write any JavaScript with 6 Characters: []()!+
megadose/holehe
holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
ticarpi/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
dwisiswant0/apkleaks
Scanning APK file for URIs, endpoints & secrets.
hakluke/hakrawler
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
vavkamil/awesome-bugbounty-tools
A curated list of various bug bounty tools
lc/gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
RetireJS/retire.js
scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
devanshbatham/ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
standardese/cppast
Library to parse and work with the C++ AST
xlab/c-for-go
Automatic C-Go Bindings Generator for Go Programming Language
assetnote/wordlists
Automated & Manual Wordlists provided by Assetnote
0xInfection/XSRFProbe
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
rverton/webanalyze
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Alfredredbird/tookie-osint
Tookie is a advanced OSINT information gathering tool that finds social media accounts based on inputs.
faiyazahmad07/xss_vibes
A modern tool written in Python that automates your xss findings.
hoodoer/JS-Tap
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients, and a "mimic" feature that automatically generates custom payloads.
ferreiraklet/Jeeves
Jeeves SQLI Finder
teambi0s/dfunc-bypasser
This tool is for letting you know how strong your disable_functions is and how you can bypass that.