a vencord plugin to delete messages without your message getting logged by others.

Tools for pentesting Google APIs

OpenSSH server 9.5p1 - 9.9p1 DoS (PoC)

Gather and update all available and newest CVEs with their PoC.

A collection of one-liners for bug bounty hunting.

Bypass Cloudflare's /h/b/jsd challenge using 100% python

Herramienta para evadir disable_functions y open_basedir

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Search for potentially sensitive files using google dorking and then analyze their content with LLM

Unmask real IP address of a domain hidden behind Cloudflare by IPs bruteforcing

CFDomainDiscover is a command line tool to discover all domains associated to a specific CloudFlare account via a reverse WHOIS search.

Find IPs linked to your list of domains (and/or sub-domains) by turning Censys into an opensource tool (basically, by scrapping it).

Postman OSINT tool to extract creds, token, username, email & more from Postman Public Workspaces

This program show you IMSI numbers of cellphones around you.

Cloudflare operates hundreds of nameservers, here is a list of all of them.

DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it

Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.

Find web directories without bruteforce

IPv6 address rate limiting evasion tool (that also supports IPv4)

Toy program illustrating how easy it is to crack pseudo-random number generators

Seed recovery tool for PRNGs

Cracking Java's PRNG (java.util.Random) using one (long) token

「🔑」A tool used to hunt down API key leaks in JS files and pages

A repository of credential stealer formats

Pybit Discord Malware Detector / webhook finder

PyInstaller Extractor