Github Search is a quite powerful and useful feature that can be used to search for sensitive data on repositories. Collection of Github dorks can reveal sensitive personal and/or organizational information such as private keys, credentials, authentication tokens, etc.This list is supposed to be useful performing pen-testing of systems.
☆21Aug 11, 2024Updated last year
Alternatives and similar repositories for github-recon
Users that are interested in github-recon are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- فایل ها و فیلم های ورکشاپ ردتیم 2024 با هانت لرن☆32Sep 15, 2024Updated last year
- 一个用于修改右键插件菜单层级的Burpsuite插件。A simple BurpSuite extension to change extension context menu level.☆14Jan 15, 2024Updated 2 years ago
- The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.☆62Aug 19, 2024Updated last year
- A proof of concept program that pulls and parses security.txt files at mass.☆29May 31, 2023Updated 2 years ago
- Raven is a powerful and customizable web crawler written in Go.☆41Sep 3, 2024Updated last year
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- ☆25Feb 10, 2026Updated 2 months ago
- KakHunt is a python GUI Tool private tool which earns me 100s of bugs every month. It spawns URLS and filters Sensitive Info.☆49Apr 27, 2023Updated 2 years ago
- Web Penetration Testing Course Materials☆32May 13, 2024Updated last year
- Find The Admin Panel & SQL Injection Endpoints, Using Google Dorks !!!☆26Nov 15, 2024Updated last year
- Some files for bruteforcing certain things.☆27Jul 12, 2021Updated 4 years ago
- ☆13Dec 21, 2023Updated 2 years ago
- XSS scanning with Dalfox on Github-action☆26Nov 26, 2023Updated 2 years ago
- BlackHat Asia 2025 code and presentations☆18Apr 13, 2025Updated 11 months ago
- Encode or decode base64 or base32 using a custom alphabet☆12Jan 29, 2019Updated 7 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- AISecLists - Your AI Red Teaming Arsenal. Discover a curated collection of prompt lists for diverse AI security assessments, including LL…☆14Jan 18, 2025Updated last year
- A simple browser extension to quickly find interesting security-related information on a webpage.☆175Mar 26, 2026Updated 2 weeks ago
- Exploit for CVE-2024-20767 - Adobe ColdFusion☆34Dec 19, 2024Updated last year
- Run ffuf with the appropriate options to brute-force the directories using the awesome different wordlists.☆25Apr 19, 2023Updated 2 years ago
- Amassing wealth in the form of biochemical tactical nuclear hack precision strike notes for existential fulfillment and destruction of th…☆13Feb 19, 2022Updated 4 years ago
- Python tool for detecting subdomain takeover vulnerabilities by resolving CNAME records and checking for known error messages. It support…☆15Feb 2, 2025Updated last year
- Unauthorized Docker Exploitation Tool☆37Dec 24, 2023Updated 2 years ago
- Nuclei POC 模板☆10Feb 17, 2023Updated 3 years ago
- This tool live-monitors specified Telegram channels for messages that contain certain keywords and forwards them to a private channel.☆38Oct 14, 2024Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- header-fuzz allows you to fuzz any HTTP header with a wordlist and evaluate success or failure based on the returning HTTP status code.☆16Apr 15, 2020Updated 5 years ago
- Command and Control Framework using powershell implants☆36Jun 17, 2025Updated 9 months ago
- A cheatsheet of tools and commands that I use to pentest Active Directory.☆53Mar 26, 2022Updated 4 years ago
- Burp extension used to snip any header from all the requests.☆23Nov 12, 2023Updated 2 years ago
- ☆18Oct 1, 2025Updated 6 months ago
- The OWASP Testing Guide v4.2 Checlist [2023]☆13Jan 15, 2023Updated 3 years ago
- CVE-2024-29895 PoC - Exploiting remote command execution in Cacti servers using the 1.3.X DEV branch builds☆23May 15, 2024Updated last year
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Oct 9, 2024Updated last year
- Dump Kerberos tickets from the KCM database of SSSD☆56Dec 31, 2025Updated 3 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A tool which helps identifying client-side prototype polluting libraries☆39May 1, 2025Updated 11 months ago
- ☆10Jun 10, 2023Updated 2 years ago
- using ML models for red teaming☆43Aug 9, 2023Updated 2 years ago
- This script checks the status of URLs to see if they are alive or not.☆13Nov 22, 2024Updated last year
- MetaX - Advanced XSS Vulnerability Detector☆15Dec 30, 2025Updated 3 months ago
- Another pentest of a vulnerable windows server☆15Sep 17, 2021Updated 4 years ago
- SQLi Hunter is a tool designed to find potential SQL injection vulnerabilities by fetching URLs from the Wayback Machine and checking for…☆15Jun 4, 2025Updated 10 months ago