Stars
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Tool to generate csrf payloads based on vulnerable requests
XploitSPY is an Android Monitoring Tool
A list of interesting payloads, tips and tricks for bug bounty hunters.
Now, the Host is Mine! - Super Fast Sub-domain Takeover Detection!
Software for fuzzing, used on web application pentestings.
A python script which allows you to parse GeoLocation data from your Image files stored in a dataset.It also produces output in CSV file and also in HTML Google Maps
All about bug bounty (bypasses, payloads, and etc)
Bypass Coudflare bot protection using Cloudflare Workers
Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
Burp plugin able to find reflected XSS on page in real-time while browsing on site
Docker - Ubuntu with a bunch of PenTesting tools and wordlists
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
The LAZY script will make your life easier, and of course faster.
An automated XSS payload generator written in python.
Automatically spawn a reverse shell fully interactive for Linux or Windows victim
Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
theinfosecguy / HowToHunt
Forked from KathanP19/HowToHuntSome Tutorials and Things to Do while Hunting That Vulnerability.
OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.
XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
Tweets metadata scraper & activity analyzer
SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
Python library for accurately querying username and email usage on online platforms