This is your work, valued
Certified Ethical Hacker | Penetration Tester | Bug Hunter | Security Researcher
NucleiFuzzer. NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Redirects, leveraging advanced scanning and URL enumeration techniques
1.9kNucleiScanner. NucleiScanner is a Powerful Automation tool for detecting Unknown Vulnerabilities in the Web Applications
347ParamSpider. Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
166BugBountyTools. A-to-Z Bug Bounty Hunting Tools
121Custom-Nuclei-Templates. Community curated list of templates for the nuclei engine to find security vulnerabilities.
106A-to-Z-Vulnerabilities. This is a Kind of Dictionary which contains all kinds of Web Application and Network Security Vulnerabilities and other security concepts in an Alphabetical Order
103fuzzing-templates. Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
37JaelesFuzzer. JaelesFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications
22OpenRedirector. OpenRedirector is a powerful automation tool for detecting Open Redirect vulnerabilities in web applications
19NetFuzzer. NetFuzzer is a comprehensive network security assessment tool for internal and external network components, including Host Machines, Firewalls, Routers, Switches, Active Directory, SMBs, Printers, etc.
15Common-Protocols. A Dictionary of Common-Protocols such as TCP, UDP, ICMP and VoIP
13Shodanizer. An advanced automation tool for optimizing Shodan scans, providing swift insights into potential vulnerabilities for both IP addresses and domains
11PentestingEverything. Web | Mobile | API | Thick Client | Source Code Review | Wireless | Network Pentesting etc...
11awesome-bugbounty-tools. A curated list of various bug bounty tools
4wayBackLister. A New Approach to Directory Bruteforce with WaybackLister v1.0
3Recon-Tools. Recon-Tools
3osmedeus. A Workflow Engine for Offensive Security
3NucleiFuzzing. NucleiFuzzing
3osint_toolkit. A full stack web application that combines many tools and services for security analysts into a single tool.
3Pentest-CheatSheets. A collection of snippets of codes and commands to make your life easier!
3Networking-Key-Terminology. Networking Key Terminologies
3jaeles-signatures. Default signature for Jaeles Scanner
2CVE-2023-33246. CVE-2023-33246 - Apache RocketMQ config RCE
2hackGPT. I leverage OpenAI and ChatGPT to do hackerish things
2burp-suite-labs. Port Swigger Labs divided on the based of level and topic.
2Nuclei-Templates-Collection. Nuclei Templates Collection
2freeCodeCamp-Stock-Price-Checker. Freecodecamp - Stock Price Checker
2RustScan. 🤖 The Modern Port Scanner 🤖
2Vulnerabilities-Unmasked. This repo tries to explain complex security vulnerabilities in simple terms that even a five-year-old can understand!
2One-Liners. A collection of one-liners for bug bounty hunting.
2Subdomain-Enumeration. Subdomain Enumeration Automation script
2xss_payload. 8000+ XSS Payloads
2DetectDee. DetectDee: Hunt down social media accounts by username, email or phone across social networks.
2nuclei-templates. Community curated list of templates for the nuclei engine to find security vulnerabilities.
2AllForOne. AllForOne - Nuclei Template Collector
2ScanReflectedSSTI. Template Nuclei SSTI
1vulnerability-Checklist. This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
1httpXplorer. httpXplorer is a web-based application specifically designed for efficient URL management and analysis of the projectdiscovery's httpx tools results. It allows users upload the httpx JSON output file, analyze URLs, status codes, web technologies, other information, sort the URLs based on their status codes, and focus on specific subdomains.
1nuclei-templates-initial-access. A standalone collection of widely used technologies with default credentials enabled, which can be utilized for establishing an initial foothold in broad-scope Red-Team engagements, VAPT (Vulnerability Assessment and Penetration Testing), or general bug bounty programs.
1awesome-oscp. A curated list of awesome OSCP resources
1APKDeepLens. Android security insights in full spectrum.
1OWASP-Secure-Coding-Checklist. OWASP Secure Coding Practices Checklist
1argus. The Ultimate Information Gathering Toolkit
1Windows10Exploits. Microsoft » Windows 10 : Security Vulnerabilities
1ghsec-jaeles-signatures. Signatures for jaeles scanner by @j3ssie
1xssrecon. XSSRecon automates the process of testing URL parameters for reflection of a test payload rix4uni and further checks how special characters are handled (allowed, blocked, or converted).
1Awesome-Bug-Bounty. This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer while hunting. It is still under development, so feel free to contribute.
1XSpear. 🔱 Powerfull XSS Scanning and Parameter analysis tool&gem
1rengine. Python
1GarudRecon. An automated recon tool for asset discovery and vulnerability scanning using open-source tools. Supports XSS, SQLi, LFI, RCE, IIS, Open Redirect, Swagger UI, .git exposures and more.
1Fast-Google-Dorks-Scan. The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.
1top25-parameter. For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
1awesome-vulnerable-apps. Awesome Vulnerable Applications
1bug-bounty-dorks. List of Google Dorks for sites that have responsible disclosure program / bug bounty program
1awesome-api-security. A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
1Mobile-Security-Framework-MobSF. Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
1BugBase. CTF
1web-methodology. Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
1awesome-bughunting-oneliners. A list of Awesome Bughunting oneliners , collected from the various sources
1