pr0xh4ck / infosec-tips
Infosec writeups, Bug bounty tips, Tweets & Many more that are picked from around the world || I personally use it || I try to mend it daily. So, stay tuned and learn something
☆14Updated 2 years ago
Related projects: ⓘ
- Python script implementing the favicon hash trick to find subdomains.☆26Updated last year
- XSS scanning with Dalfox on Github-action☆23Updated 9 months ago
- ☆14Updated this week
- WebApp intentionally made vulnerable to Race Condition for practicing Race Condition☆22Updated 2 years ago
- H&E- Burp Highlighter and Extractor☆17Updated last year
- Related subdomains finder☆29Updated 2 years ago
- Simple recon tool automates your recon process☆15Updated last year
- Web application recon for bug bounty☆20Updated 4 years ago
- A powerful and clean bash script to dump and extract information from Project Discovery's Chaos Project https://chaos.projectdiscovery.io…☆24Updated 2 years ago
- This page should help you with the recon for security issues.☆21Updated last year
- Automate bug bounty recon using bash alias☆14Updated last month
- Xss payload for bypassing waf☆13Updated 4 years ago
- Extracting api keys and secrets by requesting each url at the your list.☆16Updated 2 months ago
- A simple tool which makes creating nuclei templates even easier.☆35Updated 2 months ago
- Creating a Database for Mass Recon☆12Updated 3 years ago
- Find CVEs that don't have a Detectify modules.☆21Updated last year
- This repository has workflows created for https://github.com/RikunjSindhwad/Task-Ninja☆22Updated last month
- OpenBugBounty - https://www.openbugbounty.org/ programs list☆22Updated 3 years ago
- Several scripts are based on the Netlas.io search engine. They will allow you to carry out the reconnaissance phase before the pen test i…☆32Updated last month
- ☆38Updated 3 years ago
- ☆24Updated this week
- This bash script tool, will perform advanced subdomain enumeration, save the results, it will then probe the subdomains into urls, save t…☆20Updated 2 weeks ago
- An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.☆43Updated 2 years ago
- Quick tool to create custom wordlists like how fuzzers work☆11Updated 11 months ago
- A collection of one off hacks and simple scripts☆26Updated last year
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆48Updated 2 years ago
- Credax - Fuzzing Tool with Slack Notifications. Also removes false positive responses.☆10Updated 2 years ago
- OSCP Preperation☆12Updated 3 years ago
- Rockyou for web fuzzing☆13Updated 2 years ago
- Custom scripts for directory fuzzing, subdomain enumeration, and more.☆43Updated 2 years ago