Stars
My useful files for penetration tests, security assessments, bug bounty and other security related stuff
The JavaScript / Wasm runtime that powers Cloudflare Workers
A cloud native Identity Aware Proxy and Access Control Decision service
π‘οΈ The missing GraphQL security security layer for Apollo GraphQL and Yoga / Envelop servers π‘οΈ
Obtain GraphQL API schema even if the introspection is disabled
Blazing fast GraphQL discovery & fingerprinting toolbox.
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
The Most Advanced Client-Side Prototype Pollution Scanner
A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
π gowitness - a golang, web screenshot utility using Chrome Headless
π΅οΈββοΈ All-in-one OSINT tool for analysing any website
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
Differential testing framework for HTTP implementations
A next-generation crawling and spidering framework.
An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!
"Can I take over DNS?" β a list of DNS providers and how to claim vulnerable domains.
Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X!
"Can I take over XYZ?" β a list of services and how to claim (sub)domains with dangling DNS records.
List over kjente norske bug bounty-program π³π΄
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
In-depth attack surface mapping and asset discovery