Stars
A combined wordlist for file and directory discovery
Trying to make automated recon for bug bounties
A cross-platform protocol library to communicate with iOS devices
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
A Security Tool for Bug Bounty, Pentest and Red Teaming.
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
A CLI tool that helps with signing and zip-aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing s…
A high-speed tool for passively gathering URLs, optimized for efficient and comprehensive web asset discovery without active scanning.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
The cheat sheet about Java Deserialization vulnerabilities
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Making Favicon.ico-based Recon Great again!
Bypass 4xx HTTP response status codes and more. Based on PycURL and Python Requests.
Fast passive subdomain enumeration tool.
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Pentesting automation platform that combines hacking tools to complete assessments
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Pull decrypted IPA from a jailbroken device