La plus belle des ruses du diable est de vous persuader qu'il n'existe pas || explo(r|it)ing boundaries ||Cyber Security Analyst
AI-ML-Free-Resources-for-Security-and-Prompt-Injection. AI/ML Pentesting Roadmap for Beginners
610TheTimeMachine. Weaponizing WaybackUrls for Recon, BugBounties , OSINT, Sensitive Endpoints and what not
547wayBackLister. A New Approach to Directory Bruteforce with WaybackLister v1.0
233ThreatTracer. ThreatTracer - A tool to identify CVE by name & version and more by @FR13ND0x7F
150WayBackupFinder. A passive way to find backups/ sensitive information.
92LLMInjector. Burp Suite Extension for LLM Prompt Injection Testing
47JIRAya. JIRA"YA is a vulnerability analyzer for JIRA instances. It runs active scans to identify vulnerabilities by interacting with the host and conducting tests.
41CrossInjector. Cross Injector — A Python Script for Cross-Site Scripting (XSS) Detection
41CloudFail. Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
35CVESeeker. Unveiling Cyber Threats: From assets to Vulnerability Insights
18WhatTheCipher. Cipher Suite Checker
14secret. Collection of RegEx to fetch sensitive Key and Stuff
7MS12-020. CVE -2012-0152
6ProjectDork. The Dork Search Tools are designed to help bug bounty hunters and penetration testers find sensitive information and vulnerabilities on web applications.
6anmolksachan.github.io. HTML
6RecoMation. Recon Automation is a utility for automating reconnaissance for bug bounty hunters, Black Box Penetration testers, red teamers who are performing recon against some web app.
5X-Ray-Reveal-Hidden-Bookmarklets. A pair of one-click JavaScript bookmarklets that instantly reveal, enable, and interact with any hidden, disabled, or CSS-blocked elements on a page—perfect for security testing, QA, and debugging.
4CVE-2021-27190-PEEL-Shopping-cart-9.3.0-Stored-XSS.
3aem-spy. A command-line tool for checking a list of URLs for possible Adobe Experience Manager (AEM) detection.
3Blind-SSRF-with-Shellshock-exploitation. Blind SSRF with Shellshock exploitation
3HowToHunt. Collection of methodology and test case for various web vulnerabilities.
2nuclei-templates.
2anmolksachan.
2Awesome_GPT_Super_Prompting. ChatGPT Jailbreaks, GPT Assistants Prompt Leaks, GPTs Prompt Injection, LLM Prompt Security, Super Prompts, Prompt Hack, Prompt Security, Ai Prompt Engineering, Adversarial Machine Learning.
2WayBackupFinderBurpSuiteExtention.
1CVE-2020-2733. Python
1dkim-lookup. This Bash script checks the existence and details of DKIM (DomainKeys Identified Mail) records for a given domain. It uses a predefined set of selectors commonly used by various email providers and performs DNS queries to fetch the corresponding DKIM records.
1CVE.
1c1ph3r-fsocitey.github.io. HTML
1RepoReaper. RepoReaper is an automated tool crafted to meticulously scan and identify exposed .git repositories within specified domains and their subdomains.
1discovery.sh. Shell
1url-prepend-wizard. Python
1Payload. HTML
1cors-test-script. CORS Test Script
1lync-auto-discover. Shell
1