Some random scripts. Just trying to be like the cool kids.
☆101Jul 1, 2018Updated 7 years ago
Alternatives and similar repositories for hacks
Users that are interested in hacks are comparing it to the libraries listed below
Sorting:
- A tool for fetching archived URLs (to be rewritten in Go).☆41Jul 19, 2018Updated 7 years ago
- Simple wrapper for meg that sieves through meg's output for you.☆59Oct 25, 2019Updated 6 years ago
- Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]☆305Oct 14, 2018Updated 7 years ago
- Reverse engineers GQL Schema and generates template payloads☆46Apr 5, 2019Updated 6 years ago
- This is a small extension to make graphql readable☆30Dec 14, 2018Updated 7 years ago
- A formula to calculate bounty amounts.☆15Dec 2, 2017Updated 8 years ago
- Guidelines for writing secure code for Python developers.☆22Apr 23, 2017Updated 8 years ago
- A static website template for security pages.☆54Jul 19, 2025Updated 8 months ago
- Simple multi threaded tool to extract domain related data from commoncrawl.org☆31Jul 17, 2018Updated 7 years ago
- A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.☆166Nov 6, 2019Updated 6 years ago
- Uses Go net/http library to distinguish alive hosts from a give list of hosts/urls☆12Dec 23, 2019Updated 6 years ago
- secretz, minimizing the large attack surface of Travis CI☆324May 30, 2022Updated 3 years ago
- A CLI tool to interact with hackerone.com. This was my submission for HackerOne's Summer 2018 Hack Day.☆41Aug 2, 2018Updated 7 years ago
- A tool that can help detect and takeover subdomains with dead DNS records☆12Aug 23, 2018Updated 7 years ago
- Continuous monitoring for JavaScript files☆225Dec 29, 2019Updated 6 years ago
- A toolset to track and organize output of reconnaissance tools☆349Jan 3, 2018Updated 8 years ago
- ☆126Sep 2, 2019Updated 6 years ago
- Amazon S3 bucket spelunking!☆87Aug 23, 2017Updated 8 years ago
- Collection of scripts that aid in penetration testing of JSON Web Tokens☆59Feb 2, 2019Updated 7 years ago
- An example of high-QPS requesting Burp Intruder style on AWS Lambda via self-invocation.☆22Nov 15, 2018Updated 7 years ago
- The repository for Building visualisation platforms for OSINT data using open source solutions☆29Aug 21, 2018Updated 7 years ago
- Tool for CVE-2018-16323☆82Jan 17, 2019Updated 7 years ago
- A playground to practice SSRF Attacks against web apps☆17Oct 15, 2018Updated 7 years ago
- a parser + crawler for .DS_Store files exposed publically☆56Jun 6, 2023Updated 2 years ago
- Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will m…☆99Dec 30, 2019Updated 6 years ago
- A list of universities with vulnerability disclosure policies☆13Jul 10, 2020Updated 5 years ago
- The Bug Bounty Wiki☆173Oct 31, 2018Updated 7 years ago
- A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any yea…☆78Mar 8, 2018Updated 8 years ago
- Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains …☆224Dec 7, 2022Updated 3 years ago
- An OSINT tool to find contacts in order to report security vulnerabilities.☆268Jan 27, 2020Updated 6 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆265Nov 18, 2021Updated 4 years ago
- This document proposes a way of standardising the structure, language, and grammar used in security policies.☆26Jan 29, 2018Updated 8 years ago
- badbucket checks your s3 bucket for common misconfigurations☆24Jun 25, 2017Updated 8 years ago
- A tool to find sensitive keys and passwords in Travis logs☆139Jun 27, 2021Updated 4 years ago
- Print out URL schemas from an Android app☆128Feb 9, 2025Updated last year
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆26Dec 12, 2018Updated 7 years ago
- Extracting URLs of a specific target based on the results of "commoncrawl.org"☆275Dec 4, 2025Updated 3 months ago
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago