alifathi-h1 / gh_scanner
GH Scanner Tool is written in Python3 and designed for penetration testers and bug bounty hunters to scan Organization/User repositories for leaks such as GitHub Token, AWS Access Keys, Slack Webhooks, Firebase, Private Keys and more.
☆33Updated 5 months ago
Related projects ⓘ
Alternatives and complementary repositories for gh_scanner
- Dump all available paths and/or endpoints on WADL file.☆90Updated this week
- It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.☆55Updated 2 years ago
- A tool for testing subdomain takeover possibilities at a mass scale.☆48Updated 3 years ago
- Host Header Injection Checker☆79Updated 2 years ago
- Automate the process of an S3 bucket subdomain takeover via dangling CNAME record☆25Updated 5 months ago
- A collection of scripts for bug-bounty related stuff☆38Updated 4 years ago
- Basically a regexp over a GitHub search.☆62Updated last year
- My recon script☆51Updated 4 years ago
- SubzzZ to find possible subdomains using passive recon. Tool also support Permutations, Mutations, Alterations.�☆38Updated 3 years ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆43Updated 3 years ago
- Framework to automate Bug Bounty Reconnaissance☆42Updated 3 years ago
- KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…☆58Updated 3 years ago
- Shodan Favicon Hash Generator By Aziz Hakim @eternyle☆24Updated 5 months ago
- Burpsuite Plugin to detect Directory Traversal vulnerabilities☆28Updated 3 years ago
- SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files☆36Updated 3 years ago
- #JavascriptRecon #bugbounty☆22Updated 3 years ago
- Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.☆40Updated 4 years ago
- sub domain wild card filtering tool☆41Updated 4 years ago
- A modular URL deduplication tool.☆18Updated last year
- a tool that compiles a csv of all h1 program stats☆46Updated last year
- My Tools For Bug Bounty☆63Updated last month
- Extracting api keys and secrets by requesting each url at the your list.☆16Updated 4 months ago
- A list of Awesome Bughunting oneliners , collected from the various sources☆65Updated last year
- Recon for Department of Defense HackerOne program☆45Updated 6 years ago
- Some wordlists collected form github to all bug bounty hunters.☆27Updated 3 years ago
- It grep subdomains, email/username, build custom wordlist etc from gau results☆45Updated 2 years ago
- Some of my bug bounty tools☆47Updated 5 years ago