keyhacks. Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
6.3kpastebin-scraper. Pastebin-scraper tool leverages the API of https://psbdmp.ws/ to find emails/domains dumped in pastebin.
136hacks. Small snippets and scripts which I use
36bugbounty-cheatsheet. A list of interesting payloads, tips and tricks for bug bounty hunters.
30big-list-of-naughty-strings. The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
15SSRF-Testing. SSRF (Server Side Request Forgery) testing resources
13hackpad. A web application hacker's toolbox. Base64 encoding/decoding, URL encoding/decoding, MD5/SHA1/SHA256/HMAC hashing, code deobfuscation, formatting, highlighting and much more.
6CRLF-Injection-Scanner. Command line tool for testing CRLF injection on list of domains.
6github-search. Tools to perform basic search on GitHub.
6hacks-1. A collection of hacks and one-off scripts
5SubOver. A Powerful Subdomain Takeover Tool
4oxml_xxe. A tool for embedding XXE/XML exploits into different filetypes
4certasset. Takes ip range, Scan all open SSL Certs, Grab Cnames
3ffmpeg-avi-m3u-xbin. Python
3OSINT-Framework. OSINT Framework
3ICU. An Extended, Modulair, Host Discovery Framework
3CRLF-Injection-Payloads. Payloads for CRLF Injection
3Java-Deserialization-Cheat-Sheet. The cheat sheet about Java Deserialization vulnerabilities
3retire.js. scanner detecting the use of JavaScript libraries with known vulnerabilities
2jwt_tool. :snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
2PayloadsAllTheThings. A list of useful payloads and bypass for Web Application Security and Pentest/CTF
2heartbleed-poc. Test for SSL heartbeat vulnerability (CVE-2014-0160)
2gen_report. A quick, customizeable report generator for HackeOne. Increases productivity & efficiency.
1java_deserialization_exploits. A collection of Java Deserialization Exploits
1APAC-Conferences. A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.
1h1-212-ctf-solutions. A collection of the solutions people wrote for the H1-212 Capture The Flag event
1