Australia

zoidsec

Elite
@ethicalhackingplayground

I'm an ethical hacker researcher and love to help people learn about computer security.

ssrf-king. SSRF plugin for burp Automates SSRF Detection in all of the Request

630

bxss. Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.

416

TProxer. A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

184

pathbuster. A path-normalization pentesting tool.

152

ssrf-tool. Go

145

erebus. Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.

134

Bug-Bounty-Tools. The tools I have programmed to help me with bugbounty's

117

wordlistgen. Generates target specific word lists for Fuzzing with fuff

113

dnsresolver. A Lightning-Fast DNS Resolver written in Rust 🦀

70

Zin. A Payload Injector for bugbounties written in go

70

linkJS. Go

57

SubNuke. Subdomain Takeover tool with web UI

57

dorkX. Pipe different tools with google dork Scanner

56

xsspwn. Cross-Site-Scripting (XSS) Automatic Scanner

45

hrekt. A really fast http prober.

40

mailsploit. Sends some one a malicious payload through smtp and starts a listener with metasploit.

36

gocrawler. Go

32

tprox. TProx is a fast reverse proxy path traversal detector and directory bruteforcer.

30

crlfmap. CRLFMap is a tool to find HTTP Splitting vulnerabilities

25

endzy. Endpoint monitor tool

21

aem-eye. A very simple AEM detector written in rust.🦀

20

EvilPhisher. Social Media Phisher

18

shodan-grabber. Shodan-Grabber is a Node.js tool for scraping IP addresses and other information from Shodan's web interface. It utilizes Puppeteer for web scraping and handles rate limits by implementing retries with delays. The tool can run multiple scraping tasks in parallel and outputs the data to text files.

17

erebus-templates. Community curated list of templates for the erebus engine to find security vulnerabilities.

16

recon_db_scripts. Creating a Database for Mass Recon

12

hostparser. A very fast hostparser.

10

pdtools. Install and upgrade projectdiscovery tools

10

bcaem. Fast AEM scope gathering tool for all your public and private BugCrowd Programs

10

favlens. Favicon similarity scanner powered by local vision models via Ollama. favlens compares site favicons against a base reference and reports matches, helping you expand your attack surface to find sites with similar or identical favicons.

10

Gxss. Tool for checking reflecting Parameters in a URL.

10

corsX. Cross Origin Resource Sharing Scanner (CORS Scanner)

8

fbkiller. Brute Forces A Facebook Account

5

facebookscraper. Python

3

wayhack-cli. Go

3

GoogleDorkScanner.py. Python

2

specter. SMTP Password Bruteforcer

1

hakku. Hakku is a android take over tool using various deployment options.

1

ethicalhackingplayground.

1

JsX. Recon your way through java script with this tool finding subdomains, parameters, sinks & relative paths.

1

burp-extensions. A collection of scripts to extend Burp Suite

1

PayloadsAllTheThings. A list of useful payloads and bypass for Web Application Security and Pentest/CTF

1
41
Apply