semimitoz

semimitoz

3 followers · 56 following

Admin-Panel-Dorks Public
Forked from 0Xnanoboy/Admin-Panel-Dorks

Find The Admin Panel & SQL Injection Endpoints, Using Google Dorks !!!

Apache License 2.0 Updated Nov 15, 2024
Open-Redirect-Payloads Public
Forked from cujanovic/Open-Redirect-Payloads

Open Redirect Payloads

Shell Updated Oct 12, 2024
Markdown-XSS-Payloads Public
Forked from cujanovic/Markdown-XSS-Payloads

XSS payloads for exploiting Markdown syntax

Updated Oct 12, 2024
shortscan Public
Forked from bitquark/shortscan

An IIS short filename enumeration tool

Go MIT License Updated Jul 8, 2023
binary-auditing-training Public
Forked from Info-security/binary-auditing-training

Free IDA Pro Binary Auditing Training Material for University Lectures - from http://binary-auditing.com . Contains decrypted/unzipped files along with original zip archive and site's index.html

HTML Updated May 21, 2023
gitpillage Public
Forked from gwen001/gitpillage

Extract data from a .git directory.

Python MIT License Updated Mar 28, 2023
github-subdomains Public
Forked from gwen001/github-subdomains

Find subdomains on GitHub.

Go MIT License Updated Mar 28, 2023
github-endpoints Public
Forked from gwen001/github-endpoints

Find endpoints on GitHub.

Go MIT License Updated Mar 28, 2023
GAP-Burp-Extension Public
Forked from xnl-h4ck3r/GAP-Burp-Extension

Burp Extensions

Python Updated Dec 20, 2022
recollapse Public
Forked from 0xacb/recollapse

REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications

Python MIT License Updated Nov 21, 2022
s3cXSSer Public
Forked from s3c-krd/s3cXSSer

This extension will help you to detect GET/POST based XSS vulnerability in any website easily

JavaScript Updated Oct 24, 2022
IIS-ShortName-Scanner Public
Forked from irsdl/IIS-ShortName-Scanner

latest version of scanners for IIS short filename (8.3) disclosure vulnerability

Java Updated Oct 5, 2022
DesyncCL0 Public
Forked from riramar/DesyncCL0

A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.

Python GNU General Public License v2.0 Updated Aug 30, 2022
hakrawler Public
Forked from hakluke/hakrawler

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

Go GNU General Public License v3.0 Updated May 23, 2022
sns Public
Forked from sw33tLie/sns

IIS shortname scanner written in Go

Go Apache License 2.0 Updated May 20, 2022
hakoriginfinder Public
Forked from hakluke/hakoriginfinder
C63D

Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!

Go Updated May 6, 2022
shapeshifter Public
Forked from szski/shapeshifter

GraphQL security testing tool

Python Updated Mar 31, 2022
reflector Public
Forked from garlic0x1/go-reflect

A crawler that tests HTML forms for reflection

Go Updated Mar 13, 2022
Dome Public
Forked from v4d1/Dome

Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.

Python Updated Mar 10, 2022
OneListForAll Public
Forked from six2dez/OneListForAll

Rockyou for web fuzzing

Shell Updated Feb 9, 2022
hakcheckurl Public
Forked from hakluke/hakcheckurl

Takes a list of URLs and returns their HTTP response codes

Go MIT License Updated Feb 7, 2022
peepdf Public
Forked from jesparza/peepdf

Powerful Python tool to analyze PDF documents

Python GNU General Public License v3.0 Updated Jan 28, 2022
Imperva_gzip_WAF_Bypass Public
Forked from BishopFox/Imperva_gzip_WAF_Bypass

Python Updated Jan 7, 2022
KingOfBugBountyTips Public
Forked from KingOfBugbounty/KingOfBugBountyTips

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

Updated Dec 27, 2021
eos Public
Forked from synacktiv/eos

Enemies Of Symfony - Debug mode Symfony looter

Python Other Updated Sep 14, 2021
DefaultCreds-cheat-sheet Public
Forked from ihebski/DefaultCreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Jupyter Notebook Updated Sep 2, 2021
h2csmuggler Public
Forked from BishopFox/h2csmuggler

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

Python MIT License Updated Aug 31, 2021
fff Public
Forked from tomnomnom/fff

The Fairly Fast Fetcher. Requests a bunch of URLs provided on stdin fairly quickly.

Go Updated Aug 5, 2021
ds_store_exp Public
Forked from lijiejie/ds_store_exp

A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.

Python Updated Feb 20, 2021
ote Public
Forked from s0md3v/ote

Generate Email, Register for anything, Get the OTP/Link

Python GNU General Public License v3.0 Updated Jan 12, 2021

semimitoz

Admin-Panel-Dorks Public

Uh oh!

Open-Redirect-Payloads Public

Uh oh!

Markdown-XSS-Payloads Public

Uh oh!

shortscan Public

Uh oh!

binary-auditing-training Public

Uh oh!

gitpillage Public

Uh oh!

github-subdomains Public

Uh oh!

github-endpoints Public

Uh oh!

GAP-Burp-Extension Public

Uh oh!

recollapse Public

Uh oh!

s3cXSSer Public

Uh oh!

IIS-ShortName-Scanner Public

Uh oh!

DesyncCL0 Public

Uh oh!

hakrawler Public

Uh oh!

sns Public

Uh oh!

hakoriginfinder Public

Uh oh!

shapeshifter Public

Uh oh!

reflector Public

Uh oh!

Dome Public

Uh oh!

OneListForAll Public

Uh oh!

hakcheckurl Public

Uh oh!

peepdf Public

Uh oh!

Imperva_gzip_WAF_Bypass Public

Uh oh!

KingOfBugBountyTips Public

Uh oh!

eos Public

Uh oh!

DefaultCreds-cheat-sheet Public

Uh oh!

h2csmuggler Public

Uh oh!

fff Public

Uh oh!

ds_store_exp Public

Uh oh!

ote Public

Uh oh!