ThomasGoeytil
Follow
Stars
A Python program to scrape secrets from GitHub through usage of a large repository of dorks.
Community curated list of templates for the nuclei engine to find security vulnerabilities.
In-depth attack surface mapping and asset discovery
Automated HTTP Request Repeating With Burp Suite
A compilation of sites with dumb password rules.
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
list of passwords more likely to be used by sysadmins, general nerds, and folk with access
Keep passwords and other sensitive information out of your inboxes and chat logs.
Sleepy Puppy XSS Payload Management Framework
File system driver for mounting an nginx or apache directory listing as a local folder
Custom firmware for the HackRF SDR + PortaPack H1 addon
Portability Add-On for the HackRF Software-Defined Radio.
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Plazmaz / Sublist3r
Forked from aboul3la/Sublist3rFast subdomains enumeration tool for penetration testers
Simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names.
This tool can be used to brute discover GET and POST parameters
Vulnerability scanner based on vulners.com search API
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
Cloudflare DNS Enumeration Tool for Pentesters
An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker Compose
Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
A Node.js package for BLE (Bluetooth Low Energy) security assessment using Man-in-the-Middle and other attacks