UK

Robbie

Elite
@random-robbie

Bug Bounty Hunter that appears in your searches! Soz not Soz! Raise an Issue if you wish to contact me do not email me!

bruteforce-lists. Some files for bruteforcing certain things.

1.4k

My-Shodan-Scripts. Collection of Scripts for shodan searching stuff.

1.1k

keywords.

374

Jira-Scan. CVE-2017-9506 - SSRF

192

cve-2020-0688. cve-2020-0688

165

ssrf-finder. Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.

111

AWS-Scanner. Scans a list of websites for Cloudfront or S3 Buckets

110

bugbountydork. Bug Bounty Dork

72

docker-ssh-honey. SSH Honey pot for docker

61

mass-s3-bucket-tester. This tests a list of s3 buckets to see if they have dir listings enabled or if they are uploadable

54

open-redirect. Open Redirect Finder.

53

cloud-cidr. AWS,AZURE,GOOGLE CLOUD IP CIDRS

50

metadata-one-liners. retrive metadata endpoint data with these one liners.

41

kube-scan. Kubernetes Scanner

40

mcp-web-browser. An advanced web browsing server for the Model Context Protocol (MCP) powered by Playwright, enabling headless browser interactions through a flexible, secure API.

27

RPI-Control. Automated 433Mhz Control for Status Power Sockets using a Raspberry Pi

24

grayhatwarfare-docs-finder. Finds Documents On Cloud Assets Using grayhatwarfare API for short urls

23

liferay-pwn. Vuln Liferay scanner & Exploit

21

frida-docker. Dockerised Version of Frida

21

InfiniteWP-exploit. InfiniteWP Client < 1.9.4.5 - Authentication Bypass

21

Hikvision-Brute-Force. Brute Force Hikvision Devices that only allow PIN passwords

20

wheres-my-git. Wheres My Git - Find /.git/config files based on dirs found in home url

20

AutoRecon. Simple shell script for automated domain recognition with some tools

20

consul-pwn. Make a Consul Agent Grab Metadata endpoints

19

wpa-cracking. Command List for Hashcat and default keyspaces.

17

xssfinder. Toolset for detecting reflected xss in websites

16

bash-hacks. little scripts of bash stuff that i've found handy.

16

All-in-One-WP-Migration-Backup-Finder. All-in-One WP Migration-Backup-Finder

16

hamachi-pi. Install hamachi on your raspberry pi

16

mini-php-shells. Multiple Shells of the same code with different extentions.

15

slurp. Enumerate S3 buckets via certstream, domain, or keywords

15

S3-Listable. S3 Buckets that will let you list all files inside them

14

s3-tko. AWS S3 Bucket Finder.

14

aquatone-docker. Docker Version of Aquatone

14

extract-m3u. Extract username and passwords from IPTV urls

13

wpa-masshandshakeextract. Needed a way to filter all my pwnagotchi handshakes.

13

yahoo-bug-bounty. List of hosts from yahoo.com

13

rb-recon.

13

Aircrack-NG_RaspberryPI. Installer for Aircrack-NG / Airoscript For Raspberry Pi

12

wifite2-docker. Docker of Wifite2

12

wayback-saver. Saves pages to Wayback machine

12

SecretFinder. SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files

12

phpunit-brute. Tool to try multiple paths for PHPunit RCE CVE-2017-9841

11

cve-2019-6715. Go

11

angularjs-csti-scanner. Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.

11

jamf-log4j. Python

11

CRLF-Injection-Scanner. Command line tool for testing CRLF injection on list of domains.

10

Upnp-Exploiter. A Upnp exploitation tool.

10

firebaseio-checker-go. Firebase url checker in go

10

urlscan-search. urlscan.io search for domains

9

BucketSnoop. A Firefox extension and WebSocket handler that checks s3 buckets while your browse.

9

sms-command-server. Send a SMS to Control Your Linux Box

9

firebaseio-checker. Checks a list of firebaseio to confirm they are working and have dev access to them

9

GitGot. Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

9

cve-2022-23131-exp. Zabbix SSO Bypass

8

redirector. Redirects any request with which ever http status code you want to a location of your choice

8

twando. Twitter Multi Account

8

docker-massscan-webui. Masscan web gui

7

selenium-abuser. Abuse Open Selenium Gird or Node to get access to metadata endpoint.

7
59
Apply