Abdul Sayyad's Projects
Generates permutations, alterations and mutations of subdomains and then resolves them
Awesome Bug bounty builder Project
My Recon Automation Script
A script to set up a quick Ubuntu 17.10 x64 box with tools I use.
List of Google Dorks for sites that have responsible disclosure program / bug bounty program
This are some Dorks and Platform to find the Bug Bounty Programs.
This repo contains all the Bug Bounty Dorks sourced from different awesome sources and compiled at one place
A Proof of Concept for Clickjacking Attacks
A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF
Web path scanner
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
A wrapper around grep, to help you grep for things
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
A list of resources for those interested in getting started in bug bounties
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
Automation: Bash script wrapper to find and verify time base sql injection
All in One Subdomain Enumeration Tool
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
Burp Extension written in Jython to hunt for common vulnerabilities found in websites. Developed by Gaurav Narwani to help people find vulnerabilities and teach how to exploit them.
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
Web application fuzzer