masatokinugawa / HTTPLeaks

Related projects: ⓘ

• gwen001 / actarus
  Actarus is a custom tool for bug bounty
  ☆75Updated 4 years ago
• ak1t4 / open-redirect-scanner
  ☆207Updated this week
• 0ang3el / EasyCSRF
  ☆160Updated 6 years ago
• appsecco / practical-recon-levelup0x02
  This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…
  ☆60Updated 5 years ago
• mystech7 / Burp-Hunter
  XSS Hunter Burp Plugin
  ☆148Updated 6 years ago
• err0rr / SSTI
  ☆38Updated 4 years ago
• OrOneEqualsOne / reconned
  ☆115Updated this week
• ngalongc / Security_list
  ☆31Updated this week
• gursev / flash-xdomain-xploit
  ActionScript Proof of Concept to perform cross-domain reads
  ☆45Updated 11 years ago
• yasinS / bug-bounty-reference
  Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
  ☆36Updated 6 years ago
• koto / gitpillage
  Pillage a git repo found in an accessible web root
  ☆59Updated 13 years ago
• melvinsh / subresolve
  Resolve and quickly portscan a list of (sub)domains.
  ☆85Updated 8 years ago
• Team-Firebugs / Burp-LFI-tests
  Fuzzing for LFI using Burpsuite
  ☆58Updated 7 years ago
• federicodotta / HandyCollaborator
  Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!
  ☆103Updated 6 years ago
• sethsec / crossdomain-exploitation-framework
  Everything you need to exploit overly permissive crossdomain.xml files
  ☆86Updated 9 years ago
• emadshanab / facebook-bug-bounty-writeups
  Facebook Bug Bounties
  ☆101Updated 3 years ago
• sawzeeyy / Sanitiz3r
  A python script that filters, checks the validity, generates clickable link(s) of subdomain(s), and reports their status
  ☆89Updated 3 years ago
• maK- / scanomaly-2years
  This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping
  ☆46Updated 4 years ago
• bugbounty-site / exploits
  ☆45Updated this week
• ajinabraham / WebAppSec
  Web Application Security
  ☆121Updated 3 months ago
• JordyZomer / autoSubTakeover
  A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…
  ☆130Updated last year
• EdOverflow / proof-of-concepts
  A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
  ☆162Updated 4 years ago
• karelorigin / XSS-Problems
  ☆34Updated 4 years ago
• zigoo0 / Pemburu
  Pemburu AKA GoldDigger.
  ☆72Updated 4 years ago
• ollseg / ttt-ext
  Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.
  ☆82Updated 5 years ago
• securityidiots / CollabOzark
  CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.
  ☆136Updated 4 years ago
• 7ioSecurity / XSS-Payloads
  XSS Payloads
  ☆46Updated 8 years ago
• gradiuscypher / bounty_tools
  Various tools for managing bug bounty recon and exploration.
  ☆46Updated last year
• cujanovic / subdomain-bruteforce-list
  subdomain bruteforce list
  ☆96Updated 2 years ago
• SmeegeSec / Burp-Importer
  Burp Suite Importer - Connect to multiple web servers while populating the sitemap.
  ☆48Updated 4 years ago