0xdevalias / wordlists
A place to store my own wordlists, and link to others that are useful
☆104Updated 10 months ago
Related projects: ⓘ
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆136Updated 4 years ago
- Repo of useful scripts☆104Updated 4 years ago
- This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…☆60Updated 5 years ago
- Push notifications for passive DNS data☆105Updated 8 years ago
- HTTP parameter discovery suite.☆94Updated 4 years ago
- This tool is for automate the initial things that we usually do in daily pentesting. So you can focus more on the main target.☆77Updated 4 years ago
- A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…☆130Updated last year
- Suite of programs meant to aid in bug hunting and security assessments☆75Updated 4 years ago
- ☆119Updated 7 years ago
- ☆28Updated 3 years ago
- subdomain bruteforce list☆96Updated 2 years ago
- A simple Cherry Tree template that can be used to organize bug bounties☆33Updated 5 years ago
- Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will m…☆100Updated 4 years ago
- A tool to hunt for publicly accessible DigitalOcean Spaces☆154Updated 4 years ago
- Fetch known urls from AlienVault's Open Threat Exchange for given hosts☆59Updated 5 years ago
- Various Payload wordlists☆233Updated 4 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆153Updated last year
- Cross Origin Resource Sharing MisConfiguration Scanner☆167Updated 2 years ago
- A collection of scripts to extend Burp Suite☆138Updated 5 years ago
- Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …☆141Updated 5 months ago
- ☆61Updated this week
- ☆184Updated 5 years ago
- A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys☆152Updated last year
- Bug Bounty Dork☆67Updated 2 years ago
- ☆52Updated this week
- A combined wordlists for files and directory discovery☆115Updated 3 years ago
- Resolve and quickly portscan a list of (sub)domains.☆85Updated 8 years ago
- BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities☆106Updated last year
- ☆86Updated this week
- Reclaim control of your Burp Suite Repeater tabs with this powerful extension☆65Updated 3 years ago