- localhost
Starred repositories
ztgrace / docem
Forked from whitel1st/docemUility to embed XXE and XSS payloads in docx,odt,pptx,etc (OXML_XEE on steroids)
pikpikcu / unew
Forked from dwisiswant0/unewA tool for append URLs, skipping duplicates & combine parameters.
tk-t0n0y / dnstake
Forked from pwnesia/dnstakeDNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
emadshanab / femida
Forked from wish-i-was/femidaAutomated blind-xss search for Burp Suite
API Security Project aims to present unique attack & defense methods in API Security field
tk-t0n0y / Dome
Forked from v4d1/DomeFast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
Takeoverflo / SecretFinder
Forked from m4ll0k/SecretFinderSecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
tk-t0n0y / Atlas
Forked from m4ll0k/AtlasQuick SQLMap Tamper Suggester
Takeoverflo / scilla
Forked from edoardottt/scillaInformation Gathering tool - DNS / Subdomains / Ports / Directories enumeration
tk-t0n0y / vhosts-sieve
Forked from dariusztytko/vhosts-sieveSearching for virtual hosts among non-resolvable domains
Takeoverflo / x8-Burp
Forked from tk-t0n0y/x8-BurpHidden parameters discovery suite
tk-t0n0y / url-tracker
Forked from ahussam/url-trackerChange monitoring app that checks the content of web pages in different periods.
Takeoverflo / cariddi
Forked from tk-t0n0y/cariddiTake a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more...
Exfiltrate blind remote code execution output over DNS via Burp Collaborator.
emadshanab / Garud
Forked from R0X4R/GarudAn automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
PortSwigger / aes-killer
Forked from Ebryx/AES-KillerBurp Plugin to decrypt AES encrypted traffic on the fly
This repo is meant to be a list of companies that hire security people full remote.
GwynHannay / meg
Forked from tomnomnom/megFetch many paths for many hosts - without killing the hosts
tk-t0n0y / certex
Forked from zeroc00I/certexmonitors certificate transparency logs
tk-t0n0y / Backup-Finder
Forked from moeinfatehi/Backup-FinderA burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP OTG-CONFIG-004)
tk-t0n0y / subjs
Forked from lc/subjsFetches javascript file from a list of URLS or subdomains.
tk-t0n0y / mapcidr
Forked from projectdiscovery/mapcidrSmall utility program to perform multiple operations for a given subnet/CIDR ranges.
burpsuite extension for check unauthorized vulnerability
A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration
taku65maku / OSINT
Forked from sinwindie/OSINTCollections of tools and methods created to aid in OSINT collection
tk-t0n0y / gotator
Forked from Josue87/gotatorGotator is a tool to generate DNS wordlists through permutations.
kimocoder / wifite2
Forked from derv82/wifite2Rewrite of the popular wireless network auditor, "wifite" - original by @derv82
Yashrk078 / Rekon
Forked from shiblisec/RekonThe project contains multiple shell scripts for automating the tasks during recon.