RECON Notes taking from every fucking book about bugbounty and web-app penetration testing exists
☆19Feb 29, 2020Updated 6 years ago
Alternatives and similar repositories for WebHackingNotes
Users that are interested in WebHackingNotes are comparing it to the libraries listed below
Sorting:
- Subvenkon is a subdomain enumerator from Venkon☆22Jun 22, 2020Updated 5 years ago
- ☆12Feb 18, 2022Updated 4 years ago
- ☆13Feb 14, 2022Updated 4 years ago
- Tool to try multiple paths for PHPunit RCE CVE-2017-9841☆29Oct 18, 2021Updated 4 years ago
- A set of tools, procedures, and playbooks for performing bug bounties☆17Dec 2, 2018Updated 7 years ago
- a tool that gets all paths at robots.txt and opens it in the browser.☆14Aug 2, 2019Updated 6 years ago
- A really simple utility to concate wordlists to a domain name - to pipe into your favourite resolver!☆86Apr 3, 2020Updated 5 years ago
- Web CTF CheatSheet 🐈☆33Apr 10, 2019Updated 6 years ago
- ☆11Jul 28, 2020Updated 5 years ago
- Check url is live (*HTTP status code "200 ok" only*).☆15Jun 13, 2020Updated 5 years ago
- Built on a lazy Sunday after seeing this tweet (https://twitter.com/intigriti/status/1272145863868104705?s=20) I present to you, Paramete…☆51Jun 14, 2020Updated 5 years ago
- ☆15Feb 9, 2022Updated 4 years ago
- A collection of awesome one-liner scripts especially for bug bounty tips.☆15Sep 8, 2020Updated 5 years ago
- Host Header Injection Checker☆84Mar 2, 2022Updated 4 years ago
- A BurpSuite plugin for BBRF☆25Nov 17, 2024Updated last year
- ☆57Sep 2, 2020Updated 5 years ago
- Tools and resources for web app hacking. The payloads.txt documents are a must have for your Burpsuite intruder payload armory. They've h…☆28Jun 10, 2019Updated 6 years ago
- whoareyou is a tool to find the underlying technology/software used in a list of websites passed through stdin (using Wappalyzer dataset)☆32Jun 15, 2020Updated 5 years ago
- Simple tool to test for SSRF/OOB HTTP Read within the Path of a request☆30Aug 2, 2019Updated 6 years ago
- Take a list of URIs and print all the of the paths☆10Aug 16, 2020Updated 5 years ago
- In this repo I collect all commands, links, techniques and tricks i found during my work as pentester, hacker, OSCP student and hack the …☆64Dec 21, 2020Updated 5 years ago
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- Scrap Latest Information Security Resources☆35Nov 30, 2020Updated 5 years ago
- A collection of commands, scripts, tips, tricks, and other information compiled during my journey to obtaining the OSCP certification.☆25Dec 13, 2020Updated 5 years ago
- ☆12May 16, 2020Updated 5 years ago
- ☆32Dec 30, 2022Updated 3 years ago
- ☆11Aug 27, 2020Updated 5 years ago
- ☆44Apr 30, 2021Updated 4 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆174Nov 11, 2020Updated 5 years ago
- A one liner Bash command which finds CORS in every possible endpoint.☆150Jan 1, 2021Updated 5 years ago
- This Burp extension helps you to find usages of postMessage and recvMessage☆14Feb 20, 2020Updated 6 years ago
- A structured, actionable penetration testing methodology and checklist covering end-to-end engagement phases.☆29Updated this week
- A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bul…☆99Jul 10, 2021Updated 4 years ago
- A Payload Injector for bugbounties written in go☆70Jul 18, 2020Updated 5 years ago
- Discovery Header Bug Bounty to DoD☆49Aug 20, 2021Updated 4 years ago
- 4xxbypass☆66Mar 29, 2021Updated 4 years ago
- This tool is for automate the initial things that we usually do in daily pentesting. So you can focus more on the main target.☆77Nov 10, 2019Updated 6 years ago
- phishfactory offers a variety of email templates for spear-phishing attacks. [more templates to still be added]☆19Jan 4, 2021Updated 5 years ago
- ☆11Jun 19, 2024Updated last year