A collection of various awesome lists for hackers, pentesters and security researchers
Updated Feb 9, 2019
SubFinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework…
Subdomain Takeover tool written in Go
Go
Updated Feb 6, 2019
A Powerful Subdomain Takeover Tool
Go
Updated Aug 30, 2018
Collection of small security tools created mostly in Python. CTFs, pentests and so on
Shell
Updated Mar 13, 2019
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple wa…
Java
Updated Feb 22, 2019
A cross-platform note-taking & target-tracking app for penetration testers.
JavaScript
Updated Jan 20, 2019
SRCMS企业应急响应与缺陷管理系统
JavaScript
Updated Dec 26, 2018
Automatic Reconnaissance and Scanning in Penetration Testing
Python
Updated Mar 9, 2019
Hawkeye filesystem analysis tool
Go
Updated Jul 21, 2018
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new s…
Python
Updated Mar 21, 2019
List of considerations for commerce site auditing and security teams. This is summary of action points and areas that…
Updated Nov 28, 2017
A web crawler (for bug hunting) that gathers more than you can imagine.
Python
Updated Feb 2, 2019
A permutation generation tool written in golang
Go
Updated Mar 16, 2019
Simple Server Side Request Forgery services enumeration tool.
Ruby
Updated Aug 23, 2018
❄️ Research project for SubFinder core API V2
Audits performed by Solidified
Updated Feb 27, 2019
A python script designed to check if the website if vulnerable of clickjacking and create a poc
Python
Updated Mar 3, 2017
(Unofficial) Ruby wrapper for the Bugcrowd HTTP API
Ruby
Updated Feb 27, 2017
A private detective that gathers information you're not supposed to know about.
Python
Updated Feb 1, 2019
A curated list of awesome infosec blog posts, courses, books and more!
Updated Oct 31, 2018
A comprehensive curated list of available Blockchain Bug Bounty Programs.
Updated Feb 22, 2019
Exploit XXE Out-Of-Band Vulnerability Easily
Python
Updated Jul 28, 2016
Automatic finder for subdomains vulnerable to takeover. Written in Go, based on
@haccer's subjack.
Go
Updated Mar 4, 2019
This is a simple tool to automate google hacking when doing web penetration testing or bug hunting.
Python
Updated Oct 30, 2018
DNS resolver library allowing both DNS and DNS over HTTP
Updated Jul 12, 2018
Scans Subdomains and scans for a specific Port.
Python
Updated Jul 29, 2018
List of domains in scope for bug bounties (HackerOne, Bugcrowd, etc.)
Updated Mar 7, 2019
Just Some Tips & Tricks for BB found on the Internet :D
Updated Jun 4, 2018
Repositori ini berisi file-file vulnerable terhadap bug tertentu yang saya jadikan demo pada artikel yang saya tulis …
PHP
Updated Feb 16, 2019
