RECON Notes taking from every fucking book about bugbounty and web-app penetration testing exists
☆19Feb 29, 2020Updated 6 years ago
Alternatives and similar repositories for WebHackingNotes
Users that are interested in WebHackingNotes are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Subvenkon is a subdomain enumerator from Venkon☆22Jun 22, 2020Updated 5 years ago
- ☆12Feb 18, 2022Updated 4 years ago
- ☆13Feb 14, 2022Updated 4 years ago
- Tool to try multiple paths for PHPunit RCE CVE-2017-9841☆29Oct 18, 2021Updated 4 years ago
- A set of tools, procedures, and playbooks for performing bug bounties☆18Dec 2, 2018Updated 7 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- gorobots - robots.txt recon & path discovery in Go. Structured parsing, 29-category sensitivity classification, concurrent path probing, …☆16Apr 10, 2026Updated 2 weeks ago
- A really simple utility to concate wordlists to a domain name - to pipe into your favourite resolver!☆86Apr 3, 2020Updated 6 years ago
- Web CTF CheatSheet 🐈☆33Apr 10, 2019Updated 7 years ago
- ☆11Jul 28, 2020Updated 5 years ago
- Check url is live (*HTTP status code "200 ok" only*).☆15Jun 13, 2020Updated 5 years ago
- Built on a lazy Sunday after seeing this tweet (https://twitter.com/intigriti/status/1272145863868104705?s=20) I present to you, Paramete…☆52Jun 14, 2020Updated 5 years ago
- ☆15Feb 9, 2022Updated 4 years ago
- A collection of awesome one-liner scripts especially for bug bounty tips.☆15Sep 8, 2020Updated 5 years ago
- Host Header Injection Checker☆84Mar 2, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆57Sep 2, 2020Updated 5 years ago
- Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've h…☆28Jun 10, 2019Updated 6 years ago
- whoareyou is a tool to find the underlying technology/software used in a list of websites passed through stdin (using Wappalyzer dataset)☆32Jun 15, 2020Updated 5 years ago
- Simple tool to test for SSRF/OOB HTTP Read within the Path of a request☆30Aug 2, 2019Updated 6 years ago
- Take a list of URIs and print all the of the paths☆10Aug 16, 2020Updated 5 years ago
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- Scrap Latest Information Security Resources☆35Nov 30, 2020Updated 5 years ago
- A collection of commands, scripts, tips, tricks, and other information compiled during my journey to obtaining the OSCP certification.☆25Dec 13, 2020Updated 5 years ago
- A BurpSuite plugin for BBRF☆26Nov 17, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆12May 16, 2020Updated 5 years ago
- ☆32Dec 30, 2022Updated 3 years ago
- ☆11Aug 27, 2020Updated 5 years ago
- ☆44Apr 30, 2021Updated 5 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆175Nov 11, 2020Updated 5 years ago
- A one liner Bash command which finds CORS in every possible endpoint.☆151Jan 1, 2021Updated 5 years ago
- This Burp extension helps you to find usages of postMessage and recvMessage☆14Feb 20, 2020Updated 6 years ago
- A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bul…☆98Jul 10, 2021Updated 4 years ago
- A Payload Injector for bugbounties written in go☆70Jul 18, 2020Updated 5 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Discovery Header Bug Bounty to DoD☆49Aug 20, 2021Updated 4 years ago
- 4xxbypass☆66Mar 29, 2021Updated 5 years ago
- This tool is for automate the initial things that we usually do in daily pentesting. So you can focus more on the main target.☆77Nov 10, 2019Updated 6 years ago
- ☆11Jun 19, 2024Updated last year
- Cross Origin Resource Sharing MisConfiguration Scanner☆172Nov 17, 2021Updated 4 years ago
- Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …☆146Apr 12, 2024Updated 2 years ago
- Misc. Public Reports of Penetration Testing and Security Audits.☆37Jan 8, 2021Updated 5 years ago