This is your work, valued
reconftw. reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
7.8kOneListForAll. Rockyou for web fuzzing
3.2kpentest-book.
2.1kOSCP-Human-Guide. My own OSCP guide
854wahh_extras. The Web Application Hacker's Handbook - Extra Content
570dorks_hunter. Simple Google Dorks search tool
342ipcdn. Check which CDN providers an IP list belongs to
192burp-bounty-profiles. Burp Bounty profiles compilation, feel free to contribute!
152obsidian-pentesting-vault. Sample Obsidian's vault for web pentesting
114reconftw_ai. AI/LLM local model integration for analysis of reconftw results
104degoogle_hunter. Simple fork from degoogle original project with bug hunting purposes
91resolvers_reconftw. Resolvers updated daily for reconftw
50postleaksNg. Search for sensitive data in Postman public library. Original work from https://github.com/cosad3s/postleaks
33WebHackersWeapons. ⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
28mobile_pentesting_guide. Mobile Pentesting Guide (WIP)
24useful-random-scripts. Just a bunch of useful scripts for netsec/admin/others
19talks.
12cloud_enum. Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
10six2dez.
9axiom. The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
8keyhacks. Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
8bitup2021_subdominions.
7byp4xx. 40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...
7MetaFinder. Search for documents in a domain through Search Engines (Google, Bing and Baidu). The objective is to extract metadata
7dnstake. DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
7dontgo403. Tool to bypass 40X response codes.
7msftrecon. Python
6bypass-firewalls-by-DNS-history. Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
5uDork. uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.
4scoper. This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.
4pwn-machine. The Pwning Machine
4JSA. Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
4remotes. This is a repository listing companies which offer full-time remote jobs with Spanish contracts
4sj. A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
4goop. Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.
3crtfinder. Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques
3roboxtractor. Extract endpoints marked as disallow in robots files to generate wordlists.
3Hashcat-Cheatsheet. Hashcat Cheatsheet for OSCP
3rtlog. Python
3SubreconGPT. Python
3Enum_For_All.
3Findomain. The complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
3MindAPI. Organize your API security assessment by using MindAPI. It's free and open for community collaboration.
3exploitation-course. Offensive Software Exploitation Course
2AnalyticsRelationships. Get related domains / subdomains by looking at Google Analytics IDs
2owasp-mstg. The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.
2Gf-Patterns. GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
2dsieve. Take a list of urls and filter or extract domains by level.
2cf-check. CloudFlare Checker written in Go
1CVE-2021-3129. Laravel <= v8.4.2 debug mode: Remote code execution (CVE-2021-3129)
1gotator. Gotator is a tool to generate DNS wordlists through permutations.
1dotfiles. Just my dotfiles
1pwn_jenkins. Notes about attacking Jenkins servers
1vercel_tko_test2. HTML
1