Collection of scripts that I use while bug hunting
☆48Jun 10, 2023Updated 2 years ago
Alternatives and similar repositories for hacks
Users that are interested in hacks are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Tool for testing reflections in the HTTP responses☆60Jun 10, 2023Updated 2 years ago
- XSS payloads for bypassing WAF. This repository is updating continuously.☆10Aug 8, 2021Updated 4 years ago
- ☆100Mar 6, 2023Updated 3 years ago
- About Recon Tools,Methodology and writeups☆18Dec 16, 2023Updated 2 years ago
- All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)☆305Mar 12, 2024Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Hand-made Improved Nuclei Templates!🪴☆13Jun 12, 2023Updated 2 years ago
- ☆20Apr 5, 2023Updated 3 years ago
- My Priv8 Nuclei Templates☆340May 12, 2024Updated last year
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆377Jul 25, 2023Updated 2 years ago
- Never forget where you inject.☆300Aug 15, 2025Updated 8 months ago
- Supertruder but better☆31Mar 10, 2023Updated 3 years ago
- i will upload more templates here to share with the comunity.☆569Apr 17, 2024Updated 2 years ago
- ☆35Aug 15, 2020Updated 5 years ago
- ☆15May 6, 2023Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Stay on the beat with SubHound - receive notifications for new subdomains on Telegram and Discord! 🐶🎵☆17Jun 4, 2023Updated 2 years ago
- Kyuubi is a Telegram bot written in Golang. a multipurpose telegram bot to use in recon process. Don't you have access to terminal to do …☆12Oct 11, 2023Updated 2 years ago
- DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE☆28Nov 28, 2021Updated 4 years ago
- A tool to extract all the urls and paths found in the content of a page (js sources included)☆22Aug 8, 2025Updated 8 months ago
- Fetch Javascript sourcemaps, bounty hunter style☆46May 21, 2023Updated 2 years ago
- ☆17Sep 15, 2023Updated 2 years ago
- Basic Bash Script to scrape all subdomains from crtsh in a single run☆19May 23, 2022Updated 3 years ago
- AutoRecon-XSS is a script designed for automated reconnaissance of XSS vulnerabilities. It crawls the target URL or alive domains, extrac…☆132Feb 27, 2024Updated 2 years ago
- Authorization-Nuclei-Templates��☆39Sep 16, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Xssor.go is a xss reflections checker for urls☆72Mar 22, 2023Updated 3 years ago
- ☆66Aug 25, 2021Updated 4 years ago
- A powerful Burp Suite extension that imports Postman collections☆31Aug 1, 2025Updated 9 months ago
- JSNotify is a Python script designed to monitor JavaScript files in a specified directory for changes. This tool can be used by developer…☆18Nov 15, 2023Updated 2 years ago
- ☆60Oct 9, 2024Updated last year
- A path-normalization pentesting tool.☆153Apr 2, 2026Updated last month
- A comprehensive reconnaissance and vulnerability scanning tool that combines multiple security assessment capabilities into a single auto…☆27Jun 24, 2025Updated 10 months ago
- Yet Another 403 Bypass Tool☆12Feb 19, 2023Updated 3 years ago
- Quickly generate context-specific wordlists for content discovery from lists of URLs or paths☆239May 4, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be …☆60May 10, 2022Updated 3 years ago
- A curated list of daily learnings, writeups, blogs, tips and everything related to hacking☆12Feb 5, 2023Updated 3 years ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist☆1,512Jan 8, 2026Updated 3 months ago
- The Serverless Blind XSS App☆340Mar 28, 2026Updated last month
- Astra is a tool to find URLs and secrets inside a webpage/files☆212Mar 14, 2023Updated 3 years ago
- Search for sensitive data in Postman public library. Original work from https://github.com/cosad3s/postleaks☆32Feb 13, 2026Updated 2 months ago
- Open-Source Phishing Toolkit☆20May 23, 2021Updated 4 years ago