nahamsec / lazyrecon

Related projects: ⓘ

• nahamsec / bbht
  A script to set up a quick Ubuntu 17.10 x64 box with tools I use.
  ☆1,148Updated 2 months ago
• tomnomnom / httprobe
  Take a list of domains and probe for working HTTP and HTTPS servers
  ☆2,821Updated 2 months ago
• tomnomnom / assetfinder
  Find domains and subdomains related to a given domain
  ☆2,971Updated 3 months ago
• hakluke / weaponised-XSS-payloads
  XSS payloads designed to turn alert(1) into P1
  ☆1,315Updated last year
• devanshbatham / ParamSpider
  Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
  ☆2,461Updated 2 months ago
• tomnomnom / waybackurls
  Fetch all the URLs that the Wayback Machine knows about for a domain
  ☆3,435Updated 4 months ago
• tomnomnom / hacks
  A collection of hacks and one-off scripts
  ☆2,119Updated last year
• 0xInfection / XSRFProbe
  The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
  ☆1,089Updated 4 months ago
• tomnomnom / meg
  Fetch many paths for many hosts - without killing the hosts
  ☆1,587Updated 7 months ago
• snoopysecurity / awesome-burp-extensions
  A curated list of amazingly awesome Burp Extensions
  ☆2,943Updated 2 months ago
• infosec-au / altdns
  Generates permutations, alterations and mutations of subdomains and then resolves them
  ☆2,299Updated 4 months ago
• GerbenJavado / LinkFinder
  A python script that finds endpoints in JavaScript files
  ☆3,638Updated 5 months ago
• EdOverflow / can-i-take-over-xyz
  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
  ☆4,756Updated last week
• assetnote / wordlists
  Automated & Manual Wordlists provided by Assetnote
  ☆1,284Updated last month
• m4ll0k / BBTz
  BBT - Bug Bounty Tools (examples💡)
  ☆1,695Updated 5 months ago
• gwen001 / github-search
  A collection of tools to perform searches on GitHub.
  ☆1,320Updated last year
• codingo / Interlace
  Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
  ☆1,192Updated 4 months ago
• haccer / subjack
  Subdomain Takeover tool written in Go
  ☆1,892Updated last year
• mandatoryprogrammer / xsshunter
  The XSS Hunter service - a portable version of XSSHunter.com
  ☆1,472Updated last year
• screetsec / Sudomy
  Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hu…
  ☆1,962Updated 2 months ago
• bugcrowd / HUNT
  ☆2,163Updated 9 months ago
• codingo / Reconnoitre
  A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, al…
  ☆2,101Updated last year
• AlexisAhmed / BugBountyToolkit
  A multi-platform bug bounty toolkit that can be installed on Debian/Ubuntu or set up with Docker.
  ☆1,081Updated last year
• jaeles-project / jaeles
  The Swiss Army knife for automated Web Application Testing
  ☆2,141Updated 4 months ago
• six2dez / OneListForAll
  Rockyou for web fuzzing
  ☆2,547Updated 3 weeks ago
• nsonaniya2010 / SubDomainizer
  A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
  ☆1,706Updated 3 months ago
• swisskyrepo / SSRFmap
  Automatic SSRF fuzzer and exploitation tool
  ☆2,937Updated 3 months ago
• m4ll0k / SecretFinder
  SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
  ☆1,960Updated 3 months ago
• gquere / pwn_jenkins
  Notes about attacking Jenkins servers
  ☆1,949Updated 2 months ago
• jdonsec / AllThingsSSRF
  This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
  ☆1,209Updated 3 years ago