This is your work, valued

Hyderabad, Telangana, India

Satya Prakash

Expert
@0xKayala

Certified Ethical Hacker | Penetration Tester | Bug Hunter | Security Researcher

NucleiFuzzer. NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Redirects, leveraging advanced scanning and URL enumeration techniques

1.9k

NucleiScanner. NucleiScanner is a Powerful Automation tool for detecting Unknown Vulnerabilities in the Web Applications

347

ParamSpider. Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

166

BugBountyTools. A-to-Z Bug Bounty Hunting Tools

121

Custom-Nuclei-Templates. Community curated list of templates for the nuclei engine to find security vulnerabilities.

106

A-to-Z-Vulnerabilities. This is a Kind of Dictionary which contains all kinds of Web Application and Network Security Vulnerabilities and other security concepts in an Alphabetical Order

103

fuzzing-templates. Community curated list of nuclei templates for finding "unknown" security vulnerabilities.

37

JaelesFuzzer. JaelesFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications

22

OpenRedirector. OpenRedirector is a powerful automation tool for detecting Open Redirect vulnerabilities in web applications

19

NetFuzzer. NetFuzzer is a comprehensive network security assessment tool for internal and external network components, including Host Machines, Firewalls, Routers, Switches, Active Directory, SMBs, Printers, etc.

15

Common-Protocols. A Dictionary of Common-Protocols such as TCP, UDP, ICMP and VoIP

13

Shodanizer. An advanced automation tool for optimizing Shodan scans, providing swift insights into potential vulnerabilities for both IP addresses and domains

11

PentestingEverything. Web | Mobile | API | Thick Client | Source Code Review | Wireless | Network Pentesting etc...

11

awesome-bugbounty-tools. A curated list of various bug bounty tools

4

wayBackLister. A New Approach to Directory Bruteforce with WaybackLister v1.0

3

Recon-Tools. Recon-Tools

3

osmedeus. A Workflow Engine for Offensive Security

3

NucleiFuzzing. NucleiFuzzing

3

osint_toolkit. A full stack web application that combines many tools and services for security analysts into a single tool.

3

Pentest-CheatSheets. A collection of snippets of codes and commands to make your life easier!

3

Networking-Key-Terminology. Networking Key Terminologies

3

jaeles-signatures. Default signature for Jaeles Scanner

2

CVE-2023-33246. CVE-2023-33246 - Apache RocketMQ config RCE

2

hackGPT. I leverage OpenAI and ChatGPT to do hackerish things

2

burp-suite-labs. Port Swigger Labs divided on the based of level and topic.

2

Nuclei-Templates-Collection. Nuclei Templates Collection

2

freeCodeCamp-Stock-Price-Checker. Freecodecamp - Stock Price Checker

2

RustScan. 🤖 The Modern Port Scanner 🤖

2

Vulnerabilities-Unmasked. This repo tries to explain complex security vulnerabilities in simple terms that even a five-year-old can understand!

2

One-Liners. A collection of one-liners for bug bounty hunting.

2

Subdomain-Enumeration. Subdomain Enumeration Automation script

2

xss_payload. 8000+ XSS Payloads

2

DetectDee. DetectDee: Hunt down social media accounts by username, email or phone across social networks.

2

nuclei-templates. Community curated list of templates for the nuclei engine to find security vulnerabilities.

2

AllForOne. AllForOne - Nuclei Template Collector

2

ScanReflectedSSTI. Template Nuclei SSTI

1

vulnerability-Checklist. This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

1

httpXplorer. httpXplorer is a web-based application specifically designed for efficient URL management and analysis of the projectdiscovery's httpx tools results. It allows users upload the httpx JSON output file, analyze URLs, status codes, web technologies, other information, sort the URLs based on their status codes, and focus on specific subdomains.

1

nuclei-templates-initial-access. A standalone collection of widely used technologies with default credentials enabled, which can be utilized for establishing an initial foothold in broad-scope Red-Team engagements, VAPT (Vulnerability Assessment and Penetration Testing), or general bug bounty programs.

1

awesome-oscp. A curated list of awesome OSCP resources

1

APKDeepLens. Android security insights in full spectrum.

1

OWASP-Secure-Coding-Checklist. OWASP Secure Coding Practices Checklist

1

argus. The Ultimate Information Gathering Toolkit

1

Windows10Exploits. Microsoft » Windows 10 : Security Vulnerabilities

1

ghsec-jaeles-signatures. Signatures for jaeles scanner by @j3ssie

1

xssrecon. XSSRecon automates the process of testing URL parameters for reflection of a test payload rix4uni and further checks how special characters are handled (allowed, blocked, or converted).

1

Awesome-Bug-Bounty. This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer while hunting. It is still under development, so feel free to contribute.

1

XSpear. 🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

1

rengine. Python

1

GarudRecon. An automated recon tool for asset discovery and vulnerability scanning using open-source tools. Supports XSS, SQLi, LFI, RCE, IIS, Open Redirect, Swagger UI, .git exposures and more.

1

Fast-Google-Dorks-Scan. The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.

1

top25-parameter. For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

1

awesome-vulnerable-apps. Awesome Vulnerable Applications

1

bug-bounty-dorks. List of Google Dorks for sites that have responsible disclosure program / bug bounty program

1

awesome-api-security. A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

1

Mobile-Security-Framework-MobSF. Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

1

BugBase. CTF

1

web-methodology. Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki

1

awesome-bughunting-oneliners. A list of Awesome Bughunting oneliners , collected from the various sources

1