reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

🕵️‍♂️ All-in-one OSINT tool for analysing any website

Find web directories without bruteforce

An IIS short filename enumeration tool

A cloudflare verification bypass script for webscraping

Solve Google reCAPTCHA in less than 5 seconds! 🚀

A list of public penetration test reports published by several consulting firms and academic security groups.

Automation of tokens/api keys testing.

Open Redirection Analyzer

some sort of ddos-tools

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling

Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3

A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.

Cloning apk for bypassing code tampering detection, Google Safety Net and scanning vulnerable plugins

Collection of publicly available IPTV channels from all over the world

Get PROXY List that gets updated everyday

Practical Ethical Hacking Labs 🗡🛡

A Tool to fuzz Intent on Android

Pre-Built Vulnerable Environments Based on Docker-Compose

Scan for misconfigured S3 buckets across S3-compatible APIs!

GitHub Action for deploying code via rsync over ssh. (with NodeJS)

Download a large file from Google Drive (curl/wget fails because of the security notice).

1337 Wordlists for Bug Bounty Hunting

It's a vulnerability scanner tool for test Apache Path Traversal 👾

Made your bugbounty subdomains reconnaissance easier with Hunt3r the web application reconnaissance framework

This repository contains resources to learn blockchain technologies and blockchain hacking.