🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
-
Updated
Sep 22, 2024 - Go
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
Tips and Tutorials for Bug Bounty and also Penetration Tests.
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
The fastest dork scanner written in Go.
平常看到好的渗透hacking工具和多领域效率工具的集合
Automation for javascript recon in bug bounty.
Payload Arsenal for Pentration Tester and Bug Bounty Hunters
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
An IIS short filename enumeration tool
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
A tool to check a bunch of URLs that contain reflecting params.
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials, CIDRs , ASNs , and subdomains, the tool also allows users to search Google Play application ID.
Discover new target domains using Content Security Policy
A python tool to check subdomain takeover vulnerability
XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Add a description, image, and links to the bugbounty-tool topic page so that developers can more easily learn about it.
To associate your repository with the bugbounty-tool topic, visit your repo's landing page and select "manage topics."