Pinned Repositories
003Recon
Some tools to automate recon - 003random
1ndiList
Recon Custom WordList Generator
230-OOB
An Out-of-Band XXE server for retrieving file contents over FTP.
30-Days-Of-JavaScript
The 30 Days of JavaScript programming challenge is a step-by-step guide to learning the JavaScript programming language in 30 days. This challenge may take up to 100 days; please just follow your own pace.
apkurlgrep
Extract endpoints from APK files
archaeologit
Archaeologit scans the history of a user's GitHub repositories for a given pattern to find sensitive things.
Arjun
HTTP parameter discovery suite.
automate-with-actions
Perform automated recon via GitHub Action
superdeen's Repositories
superdeen/1ndiList
Recon Custom WordList Generator
superdeen/apkurlgrep
Extract endpoints from APK files
superdeen/awesome-burp-suite
Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
superdeen/Bug-Bounty-Tools
The tools I have programmed to help me with bug bounties
superdeen/BugBounty
RepoToStoreBugBountyInfo
superdeen/CloudBunny
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
superdeen/diffJs
Tool for monitoring changes in JavaScript files on web apps for reconnaissance.
superdeen/DumpsterDiver
Tool to search secrets in various filetypes.
superdeen/extended-xss-search
A better version of my xssfinder tool - scans for different types of XSS on a list of URLs.
superdeen/fuzz.txt
Potentially dangerous files
superdeen/G-Calendar-Audit
Simple script to check for public Google Calendar.
superdeen/hackNos
CTF Player
superdeen/hostinjector
Multithreaded Host Header Redirection Scanner
superdeen/identYwaf
Blind WAF identification tool
superdeen/intro-to-apis-course
Introduction to APIs course
superdeen/js-parse
Find subdomains, relative URLs, parameters, custom headers and API keys in JavaScript files
superdeen/JWT-Exploitation
Collection of different exploitation scenarios of JWT.
superdeen/Konan
Konan - Advanced Web Application Dir Scanner
superdeen/oauth-2.0-security-cheat-sheet
oauth security guidelines
superdeen/OOB-Server
A Bind9 server for pentesters to use for Out-of-Band vulnerabilities
superdeen/Pluralsight-Course-Downloader
Chrome Extension: Easily download course videos from Pluralsight. Videos are renamed and organized in folders.
superdeen/Smart-Contract-Hacking
List of resources to learn smart contract hacking.
superdeen/SpringBootVulExploit
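Study materials on SpringBoot-related vulnerabilities, a collection of exploitation methods and techniques, and a black-box security assessment checklist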
superdeen/SSRFire
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
superdeen/TIDoS-Framework
The Offensive Manual Web Application Penetration Testing Framework.
superdeen/vuln_uris
superdeen/waybackSqliScanner
superdeen/WhatWaf
Detect and bypass web application firewalls and protection systems
superdeen/xss-payload-list
🎯 Cross Site Scripting (XSS) Vulnerability Payload List
superdeen/XSSwagger
A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks