This is your work, valued
Founder of Sn1perSecurity LLC. Creator of Sn1per and SILENTCHAIN AI. Top 20 worldwide on @BugCrowd in 2016. OSCE/OSCP/CISSP/Security+
Sn1per. Automated penetration testing & attack surface management platform. Recon, scan, exploit, report — 600+ exploits, 90+ integrations, 10K+ detections.
10kIntruderPayloads. A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
4kBruteX. Automatically brute force all services running on a target.
2.3kFindsploit. Find exploits in local and online databases instantly
1.8kBlackWidow. A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
1.8kPrivEsc. A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
992ReverseAPK. Quickly analyze and reverse engineer Android packages
865Goohak. Automatically Launch Google Hacking Queries Against A Target Domain
740Wordpress-XMLRPC-Brute-Force-Exploit. Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield
499MassBleed. MassBleed SSL Vulnerability Scanner
247Exploits. Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity
208PRISM-AP. An automated Wireless RogueAP MITM attack framework.
191XSSTracer. A small python script to check for Cross-Site Tracing (XST)
133AttackSurfaceManagement. Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
105HTTPoxyScan. HTTPoxy Exploit Scanner by 1N3 @CrowdShield
104PowerExfil. A collection of data exfiltration scripts for Red Team assessments.
96SuperMicro-Password-Scanner. Supermicro IPMI/BMC Cleartext Password Scanner
42CloudHunter. Find unreferenced AWS S3 buckets which have CloudFront CNAME records pointing to them
361N3. Sr. Penetration Tester. Creator of Sn1per. Top 20 worldwide on @BugCrowd in 2016. OSCE/OSCP/CISSP/Security+
28CTF-Writeups. CTF Writeups
16forbidden. Bypass 4xx HTTP response status codes and more. Based on PycURL.
16Sublist3r. Fast subdomains enumeration tool for penetration testers
14gitGraber. gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
14IPGeoLocation. Retrieve IP Geolocation information
14Amass. In-depth Attack Surface Mapping and Asset Discovery
13DirDar. DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it
13jexboss. JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
12LinkFinder. A python script that finds endpoints in JavaScript files
10massdns. A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
10InfoSec-Black-Friday. All the deals for InfoSec related software/tools this Black Friday
9CVE-2018-15473-Exploit. Exploit written in Python for CVE-2018-15473 with threading and export formats
8rapiddns. Rapidly enumerate subdomains and domains using rapiddns.io.
7github-endpoints. Find endpoints on GitHub.
3slurp. S3 bucket enumerator
3