Repo containing walkthroughs to possibly pwn Admin Panels and Exposed Consoles
☆17Sep 20, 2024Updated last year
Alternatives and similar repositories for how-to-pwn-xyz
Users that are interested in how-to-pwn-xyz are comparing it to the libraries listed below
Sorting:
- This Tool To Test Machine Keys In View State☆85Oct 11, 2024Updated last year
- A comprehensive toolkit for ethical security testing of Cross-Site Scripting (XSS) vulnerabilities. Features a CLI tool for automated pay…☆16Jan 23, 2026Updated last month
- Process URLs and remove duplicate query parameters.☆27Mar 19, 2024Updated last year
- ♥☆177Sep 7, 2025Updated 6 months ago
- A tool to slice URLs into directory levels☆19Jan 16, 2026Updated last month
- ☆18Jul 21, 2025Updated 7 months ago
- ☆18Apr 13, 2023Updated 2 years ago
- This Chromium extension scans the page for external iFrames, Scripts, and Styles, logs them to the console, and checks if their domains a…☆68Jan 6, 2026Updated 2 months ago
- A small script for my recon during bug hunting. Needs some modifications☆17Mar 5, 2020Updated 6 years ago
- GitHub Pages☆17Jul 25, 2018Updated 7 years ago
- AI Substitutor is an extension for Burp Suite that uses AI functionality to substitute values of HTTP request parameters and headers.☆27Apr 30, 2025Updated 10 months ago
- https://www.nu11secur1ty.com☆22Feb 15, 2026Updated 3 weeks ago
- ☆53Jun 22, 2025Updated 8 months ago
- ☆27Jul 5, 2023Updated 2 years ago
- 🔍 SubWatch – Automated Subdomain Monitoring Script☆40Jun 13, 2025Updated 8 months ago
- PoC for leaking text nodes via CSS injection☆25Jul 27, 2024Updated last year
- Private Nuclei Templates☆100Feb 24, 2025Updated last year
- A tool for monitoring bug bounty programs across multiple platforms to track scope changes.☆32Updated this week
- Modern real world bug bounty payloads and exploitation techniques with may earn you some $$$.☆29Nov 7, 2023Updated 2 years ago
- collectvars collects JavaScript variables, highlights risky ones, and helps you understand code structure, while you casually browse.☆33Aug 28, 2024Updated last year
- Results from analyzing data gathered from 1.6 billion subdomains☆32Oct 15, 2024Updated last year
- ☆30Oct 21, 2021Updated 4 years ago
- crtdumper is a Go application designed to interact directly with Certificate Transparency (CT) logs servers and extract domain names fro…☆41Jun 22, 2024Updated last year
- Passive Web Vulnerability Detection Tool☆37May 5, 2025Updated 10 months ago
- Supertruder but better☆31Mar 10, 2023Updated 3 years ago
- I provide educational resources in this repository for starting bug hunting from scratch. The content will be updated over time! Also, I …☆32Jul 13, 2023Updated 2 years ago
- ☆88Sep 20, 2024Updated last year
- CT Log Scanner☆516Dec 26, 2025Updated 2 months ago
- AISecLists - Your AI Red Teaming Arsenal. Discover a curated collection of prompt lists for diverse AI security assessments, including LL…☆13Jan 18, 2025Updated last year
- This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…☆36Nov 5, 2024Updated last year
- Gotta go fast☆154Dec 5, 2025Updated 3 months ago
- Looks for parameters in urls☆34Oct 14, 2024Updated last year
- Detect Program Bug Bounty☆42Jun 12, 2025Updated 8 months ago
- The OWASP Testing Guide v4.2 Checlist [2023]☆13Jan 15, 2023Updated 3 years ago
- ☆47Jan 14, 2024Updated 2 years ago
- Quick Command Cheatsheet, you can import/open directly to you ONE NOTE.☆10Updated this week
- MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.☆286Oct 5, 2024Updated last year
- This repo contains different variants of Bug Bounty & Security & Pentest & Tech related Articles☆55Jan 7, 2025Updated last year
- Gather results of dorks across a number of search engines☆280Jan 22, 2026Updated last month