Collection of scripts that I use while bug hunting
☆48Jun 10, 2023Updated 2 years ago
Alternatives and similar repositories for hacks
Users that are interested in hacks are comparing it to the libraries listed below
Sorting:
- Tool for testing reflections in the HTTP responses☆60Jun 10, 2023Updated 2 years ago
- ☆20Apr 5, 2023Updated 2 years ago
- ☆99Mar 6, 2023Updated 3 years ago
- My Priv8 Nuclei Templates☆338May 12, 2024Updated last year
- All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)☆304Mar 12, 2024Updated last year
- Hand-made Improved Nuclei Templates!🪴☆13Jun 12, 2023Updated 2 years ago
- XSS payloads for bypassing WAF. This repository is updating continuously.☆10Aug 8, 2021Updated 4 years ago
- A curated list of daily learnings, writeups, blogs, tips and everything related to hacking☆12Feb 5, 2023Updated 3 years ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆374Jul 25, 2023Updated 2 years ago
- Supertruder but better☆31Mar 10, 2023Updated 2 years ago
- ☆35Aug 15, 2020Updated 5 years ago
- Kyuubi is a Telegram bot written in Golang. a multipurpose telegram bot to use in recon process. Don't you have access to terminal to do …☆12Oct 11, 2023Updated 2 years ago
- ☆15May 6, 2023Updated 2 years ago
- Stay on the beat with SubHound - receive notifications for new subdomains on Telegram and Discord! 🐶🎵☆17Jun 4, 2023Updated 2 years ago
- Documentation and cheatsheets about CTF and pentest (mirror of https://gitlab.com/xanhacks/ctf-docs).☆13Aug 23, 2023Updated 2 years ago
- Never forget where you inject.☆298Aug 15, 2025Updated 6 months ago
- JSNotify is a Python script designed to monitor JavaScript files in a specified directory for changes. This tool can be used by developer…☆18Nov 15, 2023Updated 2 years ago
- ☆17Sep 15, 2023Updated 2 years ago
- Xssor.go is a xss reflections checker for urls☆71Mar 22, 2023Updated 2 years ago
- About Recon Tools,Methodology and writeups☆18Dec 16, 2023Updated 2 years ago
- i will upload more templates here to share with the comunity.☆567Apr 17, 2024Updated last year
- ☆66Jan 14, 2023Updated 3 years ago
- Authorization-Nuclei-Templates☆39Sep 16, 2024Updated last year
- A tool to extract all the urls and paths found in the content of a page (js sources included)☆22Aug 8, 2025Updated 6 months ago
- Fetch Javascript sourcemaps, bounty hunter style☆42May 21, 2023Updated 2 years ago
- Small tool to automate SSRF wordpress and XMLRPC finder☆82Dec 10, 2022Updated 3 years ago
- Open-Source Phishing Toolkit☆20May 23, 2021Updated 4 years ago
- A path-normalization pentesting tool.☆151Jan 22, 2026Updated last month
- Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties☆18Jun 6, 2024Updated last year
- ☆13May 24, 2023Updated 2 years ago
- This is an IDA plugin to recover class information from C++ binary.☆19Aug 4, 2020Updated 5 years ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆45Feb 10, 2021Updated 5 years ago
- AutoRecon-XSS is a script designed for automated reconnaissance of XSS vulnerabilities. It crawls the target URL or alive domains, extrac…☆133Feb 27, 2024Updated 2 years ago
- ☆25Jun 15, 2025Updated 8 months ago
- Basic Bash Script to scrape all subdomains from crtsh in a single run☆19May 23, 2022Updated 3 years ago
- Astra is a tool to find URLs and secrets inside a webpage/files☆212Mar 14, 2023Updated 2 years ago
- ☆57Sep 2, 2020Updated 5 years ago
- Collect XSS vulnerable parameters from entire domain.☆155Jul 29, 2022Updated 3 years ago
- The Serverless Blind XSS App☆338Feb 21, 2026Updated last week