eslam3kl Goto Github PK

3klcon

Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated files.

3klector

3klector is an automation Recon tool which collecting information about Acquisitions and ASN which related to Big Scope company

arp-spoofer

This tool used to be MITM Attack. To be in the middle between 2 machines like victim machine and the router.

awesome-cve-poc

✍️ A curated list of CVE PoCs.

crtfinder

Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques

domain-to-ip-converter

Domain2IP Converter

exphub

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

explorer

Explorer is a very useful tool which will help you in the Recon phase in Bug Bounty hunting or Web Pentesting. It can perform a lot of things individually or all together.

gf-patterns

GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep

gg-dorking

GG Dorking is a tool to generate GitHub and Google dorking for pentesters and bug bounty hunters.

mac_changer

This is simple tool to change your MAC address in specific Interface. This tool written in python.

my_cves

This repository contain all my assigned CVEs. Some of them are public and the other will be published soon.

netscanner

This simple tool is used ot get the IPs and MAC addresses of the devices which connect to your network.

packsniff

PackSniff tool is used to sniff the packet which come to your machine after performing ARP Spoofing as a part of the Man-In-The-Middle attacks.

quick-pentest-scripts

small straightforward quick scripts

reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

securitytesting

shodomain

Shodan subdomain finder

sholister

ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be used from Penetration Tester and Bug Bounty Hunters.

sqlidetector

Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.