xaeroborg's Stars
martoast/google-maps-scraper
Google Maps Scraper can extract business names and phone numbers from any business type and location.
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
ax/apk.sh
apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.
xnl-h4ck3r/GAP-Burp-Extension
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
stevenvachon/broken-link-checker
Find broken links, missing images, etc within your HTML.
k4m4/terminals-are-sexy
💥 A curated list of Terminal frameworks, plugins & resources for CLI lovers.
tomnomnom/anew
A tool for adding new lines to files, skipping duplicates
fyoorer/ShadowClone
Unleash the power of cloud
Neo23x0/log4shell-detector
Detector for Log4Shell exploitation attempts
NorthwaveSecurity/log4jcheck
A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers.
takito1812/log4j-detect
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading
hillu/local-log4j-vuln-scanner
Simple local scanner for vulnerable log4j instances
defparam/smuggler
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
yeswehack/YesWeBurp
YesWeHack Api Extension for Burp
ethicalhackingplayground/wordlistgen
Generates target specific word lists for Fuzzing with fuff
KathanP19/JSFScan.sh
Automation for javascript recon in bug bounty.
s0md3v/Arjun
HTTP parameter discovery suite.
ArturSS7/TukTuk
Tool for catching and logging different types of requests.
allyomalley/dnsobserver
A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack.
mazen160/xless
The Serverless Blind XSS App
fersingb/easy-collab
Docker image that provides features similar to Burp Collaborator
epi052/feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
chbrown/unmap
Unpack a JavaScript Source Map back into filesystem structure
dstotijn/hetty
An HTTP toolkit for security research.
SilverPoision/a-full-list-of-wordlists
this contain the burp pack
makuga01/dnsFookup
DNS rebinding toolkit
ambionics/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
ndelphit/apkurlgrep
Extract endpoints from APK files
jakejarvis/awesome-shodan-queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
pry0cc/axiom
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!