Highlights
- Pro
-
keyhacks Public
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
-
pastebin-scraper Public
Pastebin-scraper tool leverages the API of https://psbdmp.ws/ to find emails/domains dumped in pastebin.
-
-
github-search Public
Forked from gwen001/github-searchTools to perform basic search on GitHub.
-
APAC-Conferences Public
Forked from Infosec-Community/APAC-ConferencesA community contributed consolidated list of InfoSec meetups in the Asia Pacific region.
-
SubOver Public
Forked from Ice3man543/SubOverA Powerful Subdomain Takeover Tool
-
CRLF-Injection-Scanner Public
Forked from MichaelStott/CRLF-Injection-ScannerCommand line tool for testing CRLF injection on list of domains.
-
big-list-of-naughty-strings Public
Forked from minimaxir/big-list-of-naughty-stringsThe Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
-
hacks-1 Public
Forked from tomnomnom/hacksA collection of hacks and one-off scripts
-
certasset Public
Forked from arbazkiraak/certassetTakes ip range, Scan all open SSL Certs, Grab Cnames
-
ICU Public
Forked from 003random/ICUAn Extended, Modulair, Host Discovery Framework
-
oxml_xxe Public
Forked from BuffaloWill/oxml_xxeA tool for embedding XXE/XML exploits into different filetypes
-
h1-212-ctf-solutions Public
Forked from Hacker0x01/h1-212-ctf-solutionsA collection of the solutions people wrote for the H1-212 Capture The Flag event
-
assetnote-poc Public
Forked from tdr130/assetnote(Proof of concept) push notifications for passive DNS data
JavaScript UpdatedOct 5, 2017 -
bugbounty-cheatsheet Public
Forked from EdOverflow/bugbounty-cheatsheetA list of interesting payloads, tips and tricks for bug bounty hunters.
-
gen_report Public
A quick, customizeable report generator for HackeOne. Increases productivity & efficiency.
PHP UpdatedOct 4, 2017 -
OSINT-Framework Public
Forked from lockfale/OSINT-FrameworkOSINT Framework
-
PayloadsAllTheThings Public
Forked from swisskyrepo/PayloadsAllTheThingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
SSRF-Testing Public
Forked from cujanovic/SSRF-TestingSSRF (Server Side Request Forgery) testing resources
-
retire.js Public
Forked from RetireJS/retire.jsscanner detecting the use of JavaScript libraries with known vulnerabilities
-
gifoeb Public
Forked from neex/gifoebexploit for ImageMagick's uninitialized memory disclosure in gif coder
Python UpdatedJul 22, 2017 -
jwt_tool Public
Forked from ticarpi/jwt_tool🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens
-
Java-Deserialization-Cheat-Sheet Public
Forked from GrrrDog/Java-Deserialization-Cheat-SheetThe cheat sheet about Java Deserialization vulnerabilities
-
-
CRLF-Injection-Payloads Public
Forked from cujanovic/CRLF-Injection-PayloadsPayloads for CRLF Injection
2 UpdatedMay 4, 2017 -
java_deserialization_exploits Public
Forked from Coalfire-Research/java-deserialization-exploitsA collection of Java Deserialization Exploits
-
AndroidPinning Public
Forked from moxie0/AndroidPinningA standalone library project for certificate pinning on Android.
Java GNU General Public License v3.0 UpdatedAug 20, 2015 -
heartbleed-poc Public
Forked from sensepost/heartbleed-pocTest for SSL heartbeat vulnerability (CVE-2014-0160)
-
hackpad Public
Forked from michenriksen/hackpadA web application hacker's toolbox. Base64 encoding/decoding, URL encoding/decoding, MD5/SHA1/SHA256/HMAC hashing, code deobfuscation, formatting, highlighting and much more.