zesty

zesty's Stars

• danielmiessler/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  Language:PHP58.9k1.9k27024k

• laramies/theHarvester

  E-mails, subdomains and names Harvester - OSINT

  Language:Python11.5k2954362k

• graphql-kit/graphql-voyager

  🛰️ Represent any GraphQL API as an interactive graph

  Language:TypeScript7.8k95201516

• streaak/keyhacks

  Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

  5.1k106631.1k

• elceef/dnstwist

  Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

  Language:Python4.9k156124775

• erebe/wstunnel

  Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available

  Language:Rust4.4k55323372

• OWASP/Nettacker

  Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

  Language:Python3.7k111226783

• wcventure/FuzzingPaper

  Recent Fuzzing Paper

  2.5k15613366

• enjoiz/XXEinjector

  Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.

  Language:Ruby1.5k5410313

• rmcelreath/stat_rethinking_2024

  Language:R1.3k602133

• t3l3machus/toxssin

  An XSS exploitation command-line interface and payload generator.

  Language:Python1.3k186178

• RenwaX23/XSS-Payloads

  List of XSS Vectors/Payloads

  1.2k420255

• BuffaloWill/oxml_xxe

  A tool for embedding XXE/XML exploits into different filetypes

  Language:Ruby1k3230231

• vavkamil/awesome-vulnerable-apps

  Awesome Vulnerable Applications

  1k212161

• swanandx/lemmeknow

  The fastest way to identify anything!

  Language:Rust95482738

• projectdiscovery/tlsx

  Fast and configurable TLS grabber focused on TLS based data collection.

  Language:Go8622610779

• robiot/rustcat

  Rustcat(rcat) - The modern Port listener and Reverse shell

  Language:Rust717113260

• Hari-prasaanth/Web-App-Pentest-Checklist

  A OWASP Based Checklist With 500+ Test Cases

  645120134

• matusf/openapi-fuzzer

  Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!

  Language:Rust54482724

• luisfontes19/xxexploiter

  Tool to help exploit XXE vulnerabilities

  Language:TypeScript54314569

• nexB/vulnerablecode

  A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

  Language:Python51122933188

• pwnwriter/haylxon

  ⚡ Blazing-fast tool to grab screenshots of your domain list right from terminal.

  Language:Rust39942519

• stealthsploit/OneRuleToRuleThemStill

  A revamped and updated version of my original OneRuleToRuleThemAll hashcat rule

  3925243

• Escape-Technologies/graphql-wordlist

  The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.

  Language:TypeScript3335235

• nikitastupin/param-miner-doc

  Unofficial documentation for the great tool Param Miner

  1734426

• 0xPugal/Awesome-Dorks

  Dorks for Bug Bounty Hunting

  1593040

• r1cksec/corptrace

  Automate Scoping, OSINT and Recon assessments.

  Language:Shell922110

• vdespa/automation-with-postman-course

  864942

• c3l3si4n/thankunext

  Easily gather all routes related to a NextJs application through parsing of _buildManifest.js

  Language:Go52114

• victoni/elasticsearch2

  Elastic(search²) is a small tool for discovering and analyzing Elasticsearch hosts for leaks and exposures from various search engines.

  Language:Python6110