thr3athunt3r

thr3athunt3r's Stars

• ustayready/fireprox

  AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

  Language:Python2k277

• Sprocket-Security/gigaproxy

  One proxy to rule them all

  Language:HCL11610

• GoSecure/request-smuggling-workshop

  Language:Python2511

• hakluke/hakrevdns

  Small, fast tool for performing reverse DNS lookups en masse.

  Language:Go1.5k158

• Hackmanit/TInjA

  TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines for eight different programming languages.

  Language:Go32927

• Hackmanit/template-injection-playground

  The Template Injection Playground allows to test a large number of the most relevant template engines for template injection possibilities.

  Language:PHP2411

• godaddy/tartufo

  Searches through git repositories for high entropy strings and secrets, digging deep into commit history

  Language:Python49774

• mazen160/secrets-patterns-db

  Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.

  Language:Python1.1k134

• midoxnet/mapperplus

  MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.

  Language:JavaScript13615

• andresriancho/enumerate-iam

  Enumerate the permissions associated with AWS credential set

  Language:Python1.1k180

• nccgroup/ScoutSuite

  Multi-Cloud Security Auditing Tool

  Language:Python6.9k1.1k

• bl4de/dictionaries

  Misc dictionaries for directory/file enumeration, username enumeration, password dictionary/bruteforce attacks

  Language:Python23375

• JoyChou93/java-sec-code

  Java web common vulnerabilities and security code which is base on springboot and spring security

  Language:Java2.4k664

• EFForg/apkeep

  Language:Rust94460

• bitquark/shortscan

  An IIS short filename enumeration tool

  Language:Go85886

• trap-bytes/403jump

  HTTP 403 bypass tool

  Language:Go47848

• Sn1r/Forbidden-Buster

  A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas in the system. This code is made for security enthusiasts and professionals only. Use it at your own risk.

  Language:Python16934

• iamj0ker/bypass-403

  A simple script just made for self use for bypassing 403

  Language:Shell1.8k296

• byt3hx/403-bypass

  403-bypass tool to bypass 403 responses.

  Language:Python11719

• nico989/B1pass3r

  Python tool to test known techniques to bypass 403 and 401 HTTP responses.

  Language:Python356

• aardwolfsecurityltd/Bulk_403_Bypass

  Language:Shell192

• Dheerajmadhukar/4-ZERO-3

  403/401 Bypass Methods + Bash Automation + Your Support ;)

  Language:Shell1.4k262

• daffainfo/bypass-403

  Go script for bypassing 403 forbidden

  Language:Go15029

• intrudir/BypassFuzzer

  Fuzz 401/403/404 pages for bypasses

  Language:Python28031

• assetnote/blind-ssrf-chains

  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability

  832114

• assetnote/surf

  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.

  Language:Go61744

• s0md3v/SubGPT

  Find subdomains with GPT, for free

  Language:Python33747

• honoki/bbrf-client

  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices

  Language:Python61991

• honoki/bbrf-server

  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices

  Language:Shell30148

• flipkart-incubator/Astra

  Automated Security Testing For REST API's

  Language:Python2.5k406