enciphers-team / WebHacking-Training-Resources
This repo hosts multiple codes, content, checklists etc which can help a penetration tester in a web application auditing.
☆21Updated last year
Related projects ⓘ
Alternatives and complementary repositories for WebHacking-Training-Resources
- Offsec Pentest and Bug Bounty Notes☆23Updated 4 years ago
- Flask powered website to display tweets with a hashtag #bugbountytip☆16Updated 4 years ago
- Instant access to you bug bounty submission dashboard on various platforms + publicly disclosed reports + #bugbountytip☆20Updated 4 years ago
- ☆36Updated 5 years ago
- My recon script☆51Updated 4 years ago
- Day by day Lots of Newbie Come into bug Bounty They ask Social Site about Bug Bounty Site, So That's why I open My Hunted All Site.☆32Updated 4 years ago
- Subvenkon is a subdomain enumerator from Venkon☆23Updated 4 years ago
- Get all possible href | src | url from target url or domain☆41Updated 4 years ago
- RECON Notes taking from every fucking book about bugbounty and web-app penetration testing exists☆20Updated 4 years ago
- Simple tool to test for SSRF/OOB HTTP Read within the Path of a request☆30Updated 5 years ago
- S3 bucket finder from html,js and bucket misconfiguration testing tool☆33Updated 4 years ago
- Bug Bounty statistics tool.☆28Updated last year
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 3 years ago
- An entry level resource to learning bug bounty.☆24Updated 6 years ago
- List out all of payload for security testing☆20Updated 2 years ago
- Bug Bounty Tools☆33Updated 4 years ago
- KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…☆58Updated 3 years ago
- Lab that will help you to understand how type juggling vulnerability works.☆22Updated 4 years ago
- Recon Custom WordList Ganerator☆56Updated 4 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆41Updated last year
- Literally spray blind xss payloads everywhere.☆25Updated 2 years ago
- part of my wordlist to bruteforce DNS to find subdoamains.☆62Updated 3 years ago
- Wheres My Git - Find /.git/config files based on dirs found in home url☆20Updated 2 years ago
- web-based-fuzzer☆32Updated 4 years ago
- Now use your favorite Google Dorks techniques to find vulnerabilities and earn Bounties.☆31Updated 4 years ago
- A Payload Injector for bugbounties written in go☆71Updated 4 years ago