Stars
Golang tool which helps dropping the irrelevant entries from your ffuf result file.
FirebaseExploiter is a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable. Primarily built for mass hunting bug bounties and for penetration testing.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…
Covenant is a collaborative .NET C2 framework for red teamers.
Tools and Techniques for Red Team / Penetration Testing
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Demo of API key cracking using a timing attack
ntoskernel / deepsecrets
Forked from avito-tech/deepsecretsSecrets scanner that understands code
🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓
API Security Vulnerability Scanner designed to help you secure your APIs.
List of every possible vulnerabilities in computer security.
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it
Tips and Tutorials for Bug Bounty and also Penetration Tests.
Hardware design files for TSGP Studio's Flipper Zero ESP32 Marauder&NRF24&CC1101 3 IN 1 board
Local File Inclusion discovery and exploitation tool
Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets!
Nuclei templates for K8S security scanning
Crawl a site to generate knowledge files to create your own custom GPT from a URL
NucleiScanner is a Powerful Automation tool for detecting Unknown Vulnerabilities in the Web Applications
A amplification/reflector scanner with CIDR support. Used for finding vulnerable protocols on your network commonly used by attackers to launch DrDoS attacks.
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate re…
A next-generation crawling and spidering framework.
Static solidity smart contracts scanner written in Python
Asset inventory of over 800 public bug bounty programs.
Find all libraries on cdn.js that pollute your prototype