List HackerOne private program assets
☆154Jun 24, 2021Updated 4 years ago
Alternatives and similar repositories for h1passets
Users that are interested in h1passets are comparing it to the libraries listed below
Sorting:
- a tool that compiles a csv of all h1 program stats☆49Jul 2, 2023Updated 2 years ago
- Continuous monitoring for JavaScript files☆225Dec 29, 2019Updated 6 years ago
- Get the scope of your bugcrowd programs☆67Dec 4, 2020Updated 5 years ago
- Script for monitoring changes in javascript files on WebApps for offensive reconnaissance.☆28Aug 4, 2021Updated 4 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …☆147Apr 12, 2024Updated last year
- ☆30Jun 27, 2022Updated 3 years ago
- differer finds how URLs are parsed by different languages in order to help bug hunters break filters☆63May 3, 2020Updated 5 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆317May 22, 2023Updated 2 years ago
- Repo of useful scripts☆104Jun 30, 2020Updated 5 years ago
- Turbo Intruder Scripts☆229Jun 11, 2020Updated 5 years ago
- ☆24Jan 26, 2021Updated 5 years ago
- Broken Link Hijacking Burp Extension☆57Sep 13, 2019Updated 6 years ago
- You can read the writeup on this script here☆274Jul 12, 2020Updated 5 years ago
- List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.☆84Mar 23, 2018Updated 7 years ago
- secretz, minimizing the large attack surface of Travis CI☆324May 30, 2022Updated 3 years ago
- Detects request smuggling via HTTP/2 downgrades.☆94Jul 30, 2022Updated 3 years ago
- A tool to bruteforce nameservers when working with subdomain delegations to AWS.☆58Aug 22, 2019Updated 6 years ago
- Simple script to get your private/public or both programs using the Hackerone graphql.☆22Jan 24, 2020Updated 6 years ago
- ☆57Sep 2, 2020Updated 5 years ago
- CircleCI log and security configuration automations☆22Sep 20, 2020Updated 5 years ago
- Custom scripts for the PIPER Burp extensions.☆97Sep 24, 2023Updated 2 years ago
- Service-Now Article Bruteforcer☆16Jun 5, 2020Updated 5 years ago
- Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common m…☆75Mar 22, 2024Updated last year
- Extract relative urls from a heap snapshot☆87May 30, 2021Updated 4 years ago
- A highly configurable Framework for easy automated web scanning☆382Jul 13, 2020Updated 5 years ago
- Trying to make automated recon for bug bounties☆255May 3, 2021Updated 4 years ago
- Dump all available paths and/or endpoints on WADL file.☆98Nov 24, 2025Updated 3 months ago
- List DTDs and generate XXE payloads using those local DTDs.☆651Feb 21, 2024Updated 2 years ago
- A permutation generation tool written in golang☆210Jul 15, 2019Updated 6 years ago
- unicode abnormalizer to takes a unicode string and abnormalizes it by character replacment☆26Jun 27, 2020Updated 5 years ago
- Tool for catching and logging different types of requests.☆220Nov 20, 2020Updated 5 years ago
- jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.☆154Feb 15, 2021Updated 5 years ago
- A Go implementation of dirsearch.☆43Mar 10, 2019Updated 7 years ago
- DNS and Target HTTP History Local Storage and Search☆63Feb 14, 2021Updated 5 years ago
- Making Favicon.ico based Recon Great again !☆1,269Aug 29, 2023Updated 2 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆2,063Jan 2, 2024Updated 2 years ago
- BountyDash is a tool to combine your rewards from all platforms, giving you insights about your progress and bug hunting patterns.☆163Apr 24, 2025Updated 10 months ago
- sub domain wild card filtering tool☆40Apr 18, 2020Updated 5 years ago