naufalan / Web-App-Methodology
Collection of web app methodology from initial recon into exploit known vulnerability. Used when conducting Bug Bounty, Penetration Testing, or CTF
☆13Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for Web-App-Methodology
- SubzzZ to find possible subdomains using passive recon. Tool also support Permutations, Mutations, Alterations.☆38Updated 3 years ago
- XSS Finder Via SSTI☆54Updated last year
- KARMA is a simple bash script automation that can hit Shodan Premium API and find active IPs, ASN, Common Vulnerabilities, CVEs & Open Po…☆58Updated 3 years ago
- 3klector is an automation Recon tool which collecting information about Acquisitions and ASN which related to Big Scope company☆49Updated 2 years ago
- Alternative to XSS Hunter for blind XSS.☆48Updated last year
- Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTI☆27Updated 3 years ago
- Cool HackerOne Reports☆18Updated 2 years ago
- Stuff for bug bounty☆26Updated last year
- ☆38Updated 3 years ago
- Magic Header Blind Xss tool (deliver blind xss payloads in request headers).☆27Updated 3 years ago
- Enhanced 403 bypass header☆21Updated 2 years ago
- ☆32Updated last year
- It grep subdomains, email/username, build custom wordlist etc from gau results☆45Updated 2 years ago
- A solid recon tool I use personally.☆30Updated last year
- The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform☆9Updated 4 years ago
- Bug Bounty Recon wordlist Generator☆21Updated 4 years ago
- ☆43Updated 3 years ago
- These Repositories About My Recon Methodology To Give Some Idea For Other Hunter How To Do Recon☆43Updated 2 years ago
- Basic Bash Script to scrape all subdomains from crtsh in a single run☆18Updated 2 years ago
- Resolvers updated daily for reconftw☆46Updated last year
- Automation for Open Threat Exchange☆22Updated 8 months ago
- ☆22Updated 3 years ago
- ☆38Updated 3 years ago
- IIS shortname scanner + bruteforce☆49Updated 9 months ago
- I collected it to help the bug hunter get a reward☆55Updated 2 years ago
- Bugbounty utility to store list of enumerated subdomains into an sqlite3 db [one liner style / Pipe and save]☆28Updated 3 years ago