This tool generates gopher link for exploiting SSRF and gaining RCE in various servers

⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)

The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices

Small, fast tool for performing reverse DNS lookups en masse.

A collection of one-liners for bug bounty hunting.

A collection of awesome one-liner scripts especially for bug bounty tips.

A fuzzer for detecting open redirect vulnerabilities

A tool to check a bunch of URLs that contain reflecting params.

A wrapper around grep, to help you grep for things

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

A fast, simple, recursive content discovery tool written in Rust.

A curated list of various bug bounty tools

caplets and proxy modules.

Hidden parameters discovery suite

Contextual Content Discovery Tool

A rapid API for the Project Sonar dataset

Automated Security Testing For REST API's

Automated script for performing Padding Oracle attacks

Adversary Emulation Framework

Obtain GraphQL API schema even if the introspection is disabled

A tool that can help detect and takeover subdomains with dead DNS records

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

Simple HS256, HS384 & HS512 JWT token brute force cracker.

Wi-Fi Exploitation Framework

Mimikatz implementation in pure Python

Display and control your Android device

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

Reconnaissance tool for GitHub organizations

Protect and discover secrets using Gitleaks 🔑

An enterprise friendly way of detecting and preventing secrets in code.