Github Search is a quite powerful and useful feature that can be used to search for sensitive data on repositories. Collection of Github dorks can reveal sensitive personal and/or organizational information such as private keys, credentials, authentication tokens, etc.This list is supposed to be useful performing pen-testing of systems.
☆21Aug 11, 2024Updated last year
Alternatives and similar repositories for github-recon
Users that are interested in github-recon are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 一个用于修改右键插件菜单层级的Burpsuite插件。A simple BurpSuite extension to change extension context menu level.☆14Jan 15, 2024Updated 2 years ago
- The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.☆62Aug 19, 2024Updated last year
- A proof of concept program that pulls and parses security.txt files at mass.☆29May 31, 2023Updated 3 years ago
- Raven is a powerful and customizable web crawler written in Go.☆40Sep 3, 2024Updated last year
- ☆27Feb 10, 2026Updated 4 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- 蜜罐检测工具,支持自动化URL去重、多线程控制及智能速率限制。可识别伪装服务。☆16Jun 5, 2025Updated last year
- SQL Injection – Attack and Defense Strategies, published by Packt☆16Jan 30, 2023Updated 3 years ago
- KakHunt is a python GUI Tool private tool which earns me 100s of bugs every month. It spawns URLS and filters Sensitive Info.☆50Apr 27, 2023Updated 3 years ago
- Web Penetration Testing Course Materials☆30May 13, 2024Updated 2 years ago
- Find The Admin Panel & SQL Injection Endpoints, Using Google Dorks !!!☆28Nov 15, 2024Updated last year
- Some files for bruteforcing certain things.☆28Jul 12, 2021Updated 4 years ago
- List of groups that are carrying out cyber actions in the conflict between Israel and Iran.☆35May 26, 2026Updated last month
- ☆13Dec 21, 2023Updated 2 years ago
- XSS scanning with Dalfox on Github-action☆26Nov 26, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- BlackHat Asia 2025 code and presentations☆17Apr 13, 2025Updated last year
- Encode or decode base64 or base32 using a custom alphabet☆12Jan 29, 2019Updated 7 years ago
- ☆63Aug 22, 2024Updated last year
- A simple browser extension to quickly find interesting security-related information on a webpage.☆180May 15, 2026Updated last month
- Exploit for CVE-2024-20767 - Adobe ColdFusion☆34Dec 19, 2024Updated last year
- Run ffuf with the appropriate options to brute-force the directories using the awesome different wordlists.☆25Apr 19, 2023Updated 3 years ago
- Amassing wealth in the form of biochemical tactical nuclear hack precision strike notes for existential fulfillment and destruction of th…☆13Feb 19, 2022Updated 4 years ago
- Python tool for detecting subdomain takeover vulnerabilities by resolving CNAME records and checking for known error messages. It support…☆14Feb 2, 2025Updated last year
- Unauthorized Docker Exploitation Tool☆37Dec 24, 2023Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Ivanti Pulse Secure CVE-2023-46805 Scanner - Based on Assetnote's Research☆14Jan 19, 2024Updated 2 years ago
- This tool live-monitors specified Telegram channels for messages that contain certain keywords and forwards them to a private channel.☆39Oct 14, 2024Updated last year
- Command and Control Framework using powershell implants☆36Jun 17, 2025Updated last year
- A cheatsheet of tools and commands that I use to pentest Active Directory.☆54Mar 26, 2022Updated 4 years ago
- Burp extension used to snip any header from all the requests.☆24Nov 12, 2023Updated 2 years ago
- The OWASP Testing Guide v4.2 Checlist [2023]☆13Jan 15, 2023Updated 3 years ago
- CVE-2024-29895 PoC - Exploiting remote command execution in Cacti servers using the 1.3.X DEV branch builds☆23May 15, 2024Updated 2 years ago
- Given a string determine the possible hashing algorithms used to produce that string.☆17Nov 23, 2020Updated 5 years ago
- A tool which helps identifying client-side prototype polluting libraries☆39May 1, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Dump Kerberos tickets from the KCM database of SSSD☆59Dec 31, 2025Updated 6 months ago
- ☆10Jun 10, 2023Updated 3 years ago
- using ML models for red teaming☆43Aug 9, 2023Updated 2 years ago
- This script checks the status of URLs to see if they are alive or not.☆13Nov 22, 2024Updated last year
- Another pentest of a vulnerable windows server☆15Sep 17, 2021Updated 4 years ago
- MetaX - Advanced XSS Vulnerability Detector☆15Dec 30, 2025Updated 6 months ago
- SQLi Hunter is a tool designed to find potential SQL injection vulnerabilities by fetching URLs from the Wayback Machine and checking for…☆16Jun 4, 2025Updated last year