osamahamad / Sensitive-Data-Exposures-with-GithubLinks
Techniques / Tips and tricks for finding sensitive data exposures in Github for Penetration Testers / Bug Bounty Hunters
☆17Updated 5 years ago
Alternatives and similar repositories for Sensitive-Data-Exposures-with-Github
Users that are interested in Sensitive-Data-Exposures-with-Github are comparing it to the libraries listed below
Sorting:
- Credax - Fuzzing Tool with Slack Notifications. Also removes false positive responses.☆10Updated 3 years ago
- ☆10Updated 2 years ago
- JsValidator is a tool created for validating the JS files after crawlling it from waybackurls☆19Updated 2 years ago
- ☆21Updated 4 years ago
- Magic Header Blind Xss tool (deliver blind xss payloads in request headers).☆26Updated 4 years ago
- Some of the gf patterns which i use☆45Updated 3 years ago
- SubzzZ to find possible subdomains using passive recon. Tool also support Permutations, Mutations, Alterations.☆38Updated 4 years ago
- Oneliners curated from my experience and from the internet☆23Updated 4 years ago
- Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTI☆26Updated 4 years ago
- Enhanced 403 bypass header☆21Updated 3 years ago
- This includes all the templates of nuclei collected from different sources☆17Updated 2 years ago
- A repo for tools, utils, and wrappers that are to small to put in their own repo.☆23Updated 2 years ago
- XSS Finder Via SSTI☆56Updated 2 years ago
- Some simple scripts that I use during bug bounty hunting in Android Apps☆28Updated 8 months ago
- gup aka Get All Urls parameters to create wordlists for brute forcing parameters.☆18Updated 3 years ago
- A simple utility to generate domain names with all possible TLDs☆24Updated 2 years ago
- Some Tutorials and Things to Help Bug Hunter☆30Updated 4 years ago
- collection of various grep patterns collected from tomnomnom/gf and other places☆23Updated 4 years ago
- Alternative to XSS Hunter for blind XSS.☆51Updated 2 years ago
- Cool HackerOne Reports☆22Updated 2 years ago
- ☆33Updated 4 years ago
- ☆21Updated 2 years ago
- A Tool to find subdomains from hackerone reports.☆17Updated 4 years ago
- A solid recon tool I use personally.☆30Updated 2 years ago
- ☆43Updated 4 years ago
- It grep subdomains, email/username, build custom wordlist etc from gau results☆48Updated 2 years ago
- Hidden input parameters finder☆18Updated 2 years ago
- All The Notes And Tips I FOund In Github And Twitter I Put Them Here☆35Updated 5 years ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆45Updated 4 years ago
- In this repo, I have created a subdomain enumeration function that grab subdomains in deep.☆22Updated 2 years ago