streaak / hacks
Small snippets and scripts which I use
☆34Updated 4 years ago
Alternatives and similar repositories for hacks:
Users that are interested in hacks are comparing it to the libraries listed below
- sub domain wild card filtering tool☆41Updated 4 years ago
- It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.☆56Updated 2 years ago
- Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.☆41Updated 5 years ago
- Dump all available paths and/or endpoints on WADL file.☆90Updated this week
- qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.☆30Updated 4 years ago
- Instant access to you bug bounty submission dashboard on various platforms + publicly disclosed reports + #bugbountytip☆21Updated 4 years ago
- commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …☆40Updated 3 years ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆43Updated 4 years ago
- Host Header Injection Checker☆80Updated 2 years ago
- A Payload Injector for bugbounties written in go☆70Updated 4 years ago
- A collection of famous recon public scripts, but in bash <3☆27Updated 3 years ago
- Converts a hostname (or URI) to IP address using your local resolver☆24Updated 10 months ago
- A tool for testing subdomain takeover possibilities at a mass scale.☆49Updated 3 years ago
- Simple tool to test for SSRF/OOB HTTP Read within the Path of a request☆30Updated 5 years ago
- Some of my bug bounty tools☆48Updated 5 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 3 years ago
- Send notifications on different channels such as Slack, Telegram, Discord etc.☆39Updated last year
- A collection of scripts for bug-bounty related stuff☆38Updated 4 years ago
- a tool that compiles a csv of all h1 program stats☆46Updated last year
- My recon script☆51Updated 5 years ago
- 🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline☆59Updated 2 months ago
- 0x0p1n3r is set of combination of other tools and one line scripts to find subdomains easily and to check subdomain takeover☆57Updated 4 years ago
- Virtual host wordlist☆51Updated 4 years ago
- Extracts subdomains from a specified domain using https://recon.dev.☆16Updated 4 years ago
- ☆38Updated 4 years ago
- ☆10Updated last year
- Get all possible href | src | url from target url or domain☆41Updated 4 years ago
- Collection of content discovery wordlists in one wordlist.☆38Updated 3 years ago
- AWS S3 open bucket poc automated script.☆56Updated 3 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆44Updated 2 years ago