This is your work, valued
I'm an ethical hacker researcher and love to help people learn about computer security.
ssrf-king. SSRF plugin for burp Automates SSRF Detection in all of the Request
630bxss. Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.
416TProxer. A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.
184pathbuster. A path-normalization pentesting tool.
152ssrf-tool. Go
145erebus. Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.
134Bug-Bounty-Tools. The tools I have programmed to help me with bugbounty's
117wordlistgen. Generates target specific word lists for Fuzzing with fuff
113dnsresolver. A Lightning-Fast DNS Resolver written in Rust 🦀
70Zin. A Payload Injector for bugbounties written in go
70linkJS. Go
57SubNuke. Subdomain Takeover tool with web UI
57dorkX. Pipe different tools with google dork Scanner
56xsspwn. Cross-Site-Scripting (XSS) Automatic Scanner
45hrekt. A really fast http prober.
40mailsploit. Sends some one a malicious payload through smtp and starts a listener with metasploit.
36gocrawler. Go
32tprox. TProx is a fast reverse proxy path traversal detector and directory bruteforcer.
30crlfmap. CRLFMap is a tool to find HTTP Splitting vulnerabilities
25endzy. Endpoint monitor tool
21aem-eye. A very simple AEM detector written in rust.🦀
20EvilPhisher. Social Media Phisher
18shodan-grabber. Shodan-Grabber is a Node.js tool for scraping IP addresses and other information from Shodan's web interface. It utilizes Puppeteer for web scraping and handles rate limits by implementing retries with delays. The tool can run multiple scraping tasks in parallel and outputs the data to text files.
17erebus-templates. Community curated list of templates for the erebus engine to find security vulnerabilities.
16recon_db_scripts. Creating a Database for Mass Recon
12hostparser. A very fast hostparser.
10pdtools. Install and upgrade projectdiscovery tools
10bcaem. Fast AEM scope gathering tool for all your public and private BugCrowd Programs
10favlens. Favicon similarity scanner powered by local vision models via Ollama. favlens compares site favicons against a base reference and reports matches, helping you expand your attack surface to find sites with similar or identical favicons.
10Gxss. Tool for checking reflecting Parameters in a URL.
10corsX. Cross Origin Resource Sharing Scanner (CORS Scanner)
8fbkiller. Brute Forces A Facebook Account
5facebookscraper. Python
3wayhack-cli. Go
3GoogleDorkScanner.py. Python
2specter. SMTP Password Bruteforcer
1hakku. Hakku is a android take over tool using various deployment options.
1ethicalhackingplayground.
1JsX. Recon your way through java script with this tool finding subdomains, parameters, sinks & relative paths.
1burp-extensions. A collection of scripts to extend Burp Suite
1PayloadsAllTheThings. A list of useful payloads and bypass for Web Application Security and Pentest/CTF
1