.doty

Bash script to automate installation of daily use Progs & Tools and customize your KDE

403bypasser

automate the procedure of 403 response code bypass

a-full-list-of-wordlists

this contain the burp pack

asnlookup

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

awesome-ctf

badblood

BadBlood by Secframe fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.

bash-hacks

little scripts of bash stuff that i've found handy.

bug-bounty-dorks

List of Google Dorks for sites that have responsible disclosure program / bug bounty program

bugcrowd-levelup-subdomain-enumeration

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

burp-bounty

Burp Bounty profiles

burpbounty

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

chomp-scan

A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.

commix

Automated All-in-One OS command injection and exploitation tool.

cwff

Create your Custom Wordlist For Fuzzing

dalfox

🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

demondaddy22

The README says it all! Feel free to fork it to create your own README as well 🙂

dnsvalidator

Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.

dotfile

dtd-finder

List DTDs and generate XXE payloads using those local DTDs.

fav-up

IP lookup from favicon using Shodan

fireprox

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

fuxploider

File upload vulnerability scanner and exploitation tool.

fuzzdb

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

get-computer-info

Retrieves basic computer information from specified computers (a Windows PowerShell script).

getjs

A tool to fastly get all javascript sources/files

google-phishing-page

This is Google Phishing page is created for knowledge purpose , And You should Add the Sql data links,

grandstream_exploits

h4cker

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

hacker-scripts

Based on a true story

hackertargetrevlookup

HackerTarget.com Based Reverse IP lookup tool that saves domains from IP list