List HackerOne private program assets
☆154Jun 24, 2021Updated 4 years ago
Alternatives and similar repositories for h1passets
Users that are interested in h1passets are comparing it to the libraries listed below
Sorting:
- a tool that compiles a csv of all h1 program stats☆49Jul 2, 2023Updated 2 years ago
- Get the scope of your bugcrowd programs☆67Dec 4, 2020Updated 5 years ago
- Continuous monitoring for JavaScript files☆225Dec 29, 2019Updated 6 years ago
- ☆30Jun 27, 2022Updated 3 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- Script for monitoring changes in javascript files on WebApps for offensive reconnaissance.☆28Aug 4, 2021Updated 4 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆318May 22, 2023Updated 2 years ago
- Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …☆147Apr 12, 2024Updated last year
- List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.☆84Mar 23, 2018Updated 7 years ago
- Repo of useful scripts☆104Jun 30, 2020Updated 5 years ago
- Broken Link Hijacking Burp Extension☆57Sep 13, 2019Updated 6 years ago
- Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common m…☆75Mar 22, 2024Updated last year
- ☆24Jan 26, 2021Updated 5 years ago
- Trying to make automated recon for bug bounties☆255May 3, 2021Updated 4 years ago
- A tool to bruteforce nameservers when working with subdomain delegations to AWS.☆58Aug 22, 2019Updated 6 years ago
- You can read the writeup on this script here☆273Jul 12, 2020Updated 5 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆65Apr 13, 2021Updated 4 years ago
- differer finds how URLs are parsed by different languages in order to help bug hunters break filters☆63May 3, 2020Updated 5 years ago
- Turbo Intruder Scripts☆228Jun 11, 2020Updated 5 years ago
- sub domain wild card filtering tool☆40Apr 18, 2020Updated 5 years ago
- Custom scripts for the PIPER Burp extensions.☆97Sep 24, 2023Updated 2 years ago
- Tests for SSRF by injecting a specified location into different headers. This is a Rust port of m4ll0k's tool.☆37Jul 7, 2020Updated 5 years ago
- A simple SSRF-testing sheriff written in Go☆336Oct 31, 2024Updated last year
- Tool for catching and logging different types of requests.☆220Nov 20, 2020Updated 5 years ago
- ☆57Sep 2, 2020Updated 5 years ago
- PostMessage extension☆102Aug 28, 2019Updated 6 years ago
- secretz, minimizing the large attack surface of Travis CI☆324May 30, 2022Updated 3 years ago
- Extract relative urls from a heap snapshot☆87May 30, 2021Updated 4 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆648Feb 21, 2024Updated 2 years ago
- CircleCI log and security configuration automations☆22Sep 20, 2020Updated 5 years ago
- Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…☆213Mar 31, 2020Updated 5 years ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.☆93Jul 9, 2025Updated 7 months ago
- 🐙 Cross-document messaging security research tool powered by https://enso.security☆301May 22, 2023Updated 2 years ago
- ☆34Feb 15, 2021Updated 5 years ago
- Dump all available paths and/or endpoints on WADL file.☆98Nov 24, 2025Updated 3 months ago
- A really simple utility to concate wordlists to a domain name - to pipe into your favourite resolver!☆87Apr 3, 2020Updated 5 years ago
- BountyDash is a tool to combine your rewards from all platforms, giving you insights about your progress and bug hunting patterns.☆163Apr 24, 2025Updated 10 months ago
- A collection of code for interacting with API sources directly to improve your understanding of those services.☆66Dec 11, 2020Updated 5 years ago
- A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it us…☆62Oct 25, 2020Updated 5 years ago