alifathi-h1 / gh_scannerLinks
GH Scanner Tool is written in Python3 and designed for penetration testers and bug bounty hunters to scan Organization/User repositories for leaks such as GitHub Token, AWS Access Keys, Slack Webhooks, Firebase, Private Keys and more.
☆34Updated last week
Alternatives and similar repositories for gh_scanner
Users that are interested in gh_scanner are comparing it to the libraries listed below
Sorting:
- A tool for testing subdomain takeover possibilities at a mass scale.☆49Updated 4 years ago
- Shodan Favicon Hash Generator By Aziz Hakim @eternyle☆25Updated last year
- a tool that compiles a csv of all h1 program stats☆47Updated 2 years ago
- It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.☆58Updated 3 years ago
- Dump all available paths and/or endpoints on WADL file.☆93Updated last month
- Host Header Injection Checker☆81Updated 3 years ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆45Updated 4 years ago
- Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.☆41Updated 5 years ago
- NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.☆78Updated 2 years ago
- Feed it a list of subdomains, it will resolve them and tell you which ones are internal☆92Updated 3 years ago
- My recon script☆50Updated 5 years ago
- KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…☆59Updated 3 years ago
- ☆27Updated 5 years ago
- This tool aims at accumulating javascript files from a given set of subdomains to discover hidden endpoints. It swims through JS files to…☆47Updated 2 years ago
- A collection of scripts for bug-bounty related stuff☆38Updated 4 years ago
- Alternative to XSS Hunter for blind XSS.☆51Updated 2 years ago
- Extract endpoints marked as disallow in robots files to generate wordlists.☆57Updated 3 years ago
- ☆14Updated 4 years ago
- 🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline☆59Updated 7 months ago
- ☆38Updated 4 years ago
- commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …☆41Updated 4 years ago
- SubzzZ to find possible subdomains using passive recon. Tool also support Permutations, Mutations, Alterations.☆38Updated 4 years ago
- A simple tool which makes creating nuclei templates even easier.☆37Updated last year
- My Tools For Bug Bounty☆66Updated 9 months ago
- Open Redirect scanner - (out of date)☆29Updated 2 years ago
- Framework to automate Bug Bounty Reconnaissance☆44Updated 4 years ago
- Just lists of lists of lists !☆16Updated last week
- GH-Takeover — GitHub Pages Sub-domain Takeover Automation!☆29Updated 4 years ago
- Converts a hostname (or URI) to IP address using your local resolver☆25Updated last year
- sonarbyte is a simple and fast subdomain scanner written in go to extract subdomain from Rapid7's DNS Database using omnisint's api.☆27Updated 2 years ago