streaak

Elite
@streaak

keyhacks. Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

6.3k

pastebin-scraper. Pastebin-scraper tool leverages the API of https://psbdmp.ws/ to find emails/domains dumped in pastebin.

136

hacks. Small snippets and scripts which I use

36

bugbounty-cheatsheet. A list of interesting payloads, tips and tricks for bug bounty hunters.

30

big-list-of-naughty-strings. The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

15

SSRF-Testing. SSRF (Server Side Request Forgery) testing resources

13

hackpad. A web application hacker's toolbox. Base64 encoding/decoding, URL encoding/decoding, MD5/SHA1/SHA256/HMAC hashing, code deobfuscation, formatting, highlighting and much more.

6

CRLF-Injection-Scanner. Command line tool for testing CRLF injection on list of domains.

6

github-search. Tools to perform basic search on GitHub.

6

hacks-1. A collection of hacks and one-off scripts

5

SubOver. A Powerful Subdomain Takeover Tool

4

oxml_xxe. A tool for embedding XXE/XML exploits into different filetypes

4

certasset. Takes ip range, Scan all open SSL Certs, Grab Cnames

3

ffmpeg-avi-m3u-xbin. Python

3

OSINT-Framework. OSINT Framework

3

ICU. An Extended, Modulair, Host Discovery Framework

3

CRLF-Injection-Payloads. Payloads for CRLF Injection

3

Java-Deserialization-Cheat-Sheet. The cheat sheet about Java Deserialization vulnerabilities

3

retire.js. scanner detecting the use of JavaScript libraries with known vulnerabilities

2

jwt_tool. :snake: A toolkit for testing, tweaking and cracking JSON Web Tokens

2

PayloadsAllTheThings. A list of useful payloads and bypass for Web Application Security and Pentest/CTF

2

heartbleed-poc. Test for SSL heartbeat vulnerability (CVE-2014-0160)

2

gen_report. A quick, customizeable report generator for HackeOne. Increases productivity & efficiency.

1

java_deserialization_exploits. A collection of Java Deserialization Exploits

1

APAC-Conferences. A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.

1

h1-212-ctf-solutions. A collection of the solutions people wrote for the H1-212 Capture The Flag event

1
26
Apply