techgaun / github-dorks

Related projects ⓘ

Alternatives and complementary repositories for github-dorks

• RedSiege / EyeWitness
  EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
  ☆4,979Updated 2 weeks ago
• 1N3 / IntruderPayloads
  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…
  ☆3,681Updated 3 years ago
• EdOverflow / can-i-take-over-xyz
  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
  ☆4,856Updated 3 weeks ago
• snoopysecurity / awesome-burp-extensions
  A curated list of amazingly awesome Burp Extensions
  ☆2,988Updated 3 weeks ago
• sa7mon / S3Scanner
  Scan for misconfigured S3 buckets across S3-compatible APIs!
  ☆2,559Updated this week
• GerbenJavado / LinkFinder
  A python script that finds endpoints in JavaScript files
  ☆3,717Updated 6 months ago
• infosec-au / altdns
  Generates permutations, alterations and mutations of subdomains and then resolves them
  ☆2,328Updated 6 months ago
• almandin / fuxploider
  File upload vulnerability scanner and exploitation tool.
  ☆3,043Updated last year
• tomnomnom / waybackurls
  Fetch all the URLs that the Wayback Machine knows about for a domain
  ☆3,535Updated 6 months ago
• s0md3v / Arjun
  HTTP parameter discovery suite.
  ☆5,246Updated this week
• lc / gau
  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
  ☆3,982Updated last week
• screetsec / Sudomy
  Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hu…
  ☆2,001Updated 4 months ago
• Bo0oM / fuzz.txt
  Potentially dangerous files
  ☆2,879Updated last week
• hisxo / gitGraber
  gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, G…
  ☆2,025Updated 3 months ago
• six2dez / OneListForAll
  Rockyou for web fuzzing
  ☆2,608Updated 2 months ago
• EdOverflow / bugbounty-cheatsheet
  A list of interesting payloads, tips and tricks for bug bounty hunters.
  ☆5,921Updated last year
• michenriksen / aquatone
  A Tool for Domain Flyovers
  ☆5,639Updated 2 years ago
• bugcrowd / HUNT
  ☆2,180Updated 11 months ago
• commixproject / commix
  Automated All-in-One OS Command Injection Exploitation Tool.
  ☆4,591Updated this week
• x90skysn3k / brutespray
  Bruteforcing from various scanner output - Automatically attempts default creds on found services.
  ☆2,035Updated this week
• haccer / subjack
  Subdomain Takeover tool written in Go
  ☆1,909Updated last year
• nahamsec / lazyrecon
  This script is intended to automate your reconnaissance process in an organized fashion
  ☆1,920Updated 3 years ago
• codingo / NoSQLMap
  Automated NoSQL database enumeration and web application exploitation tool.
  ☆2,912Updated 3 months ago
• pry0cc / axiom
  The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, f…
  ☆4,049Updated last month
• swisskyrepo / SSRFmap
  Automatic SSRF fuzzer and exploitation tool
  ☆2,986Updated 4 months ago
• guelfoweb / knock
  Knock Subdomain Scan
  ☆3,876Updated 3 months ago
• Nekmo / dirhunt
  Find web directories without bruteforce
  ☆1,764Updated last year
• 1N3 / BlackWidow
  A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
  ☆1,519Updated last year
• hahwul / dalfox
  🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
  ☆3,753Updated last month
• gquere / pwn_jenkins
  Notes about attacking Jenkins servers
  ☆1,961Updated 3 months ago