BugHunter ID's Projects
Adhrit is an open source Android APK reversing and analysis tool that can help security researchers and CTF enthusiasts alike. The tool is an effort to cut down on the amount of time spent on reversing and basic reconnaissance of Android applications.
In-depth DNS Enumeration and Network Mapping
A Tool for Domain Flyovers
:scream: A curated list of amazingly awesome OSINT
A collection of awesome penetration testing resources, tools and other shiny things
Awesome web penetration testing
Awesome XSS stuff
Web Crawler, Scanner, and Analyzer Framework (Shell-Script based)
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
A list of interesting payloads, tips and tricks for bug bounty hunters.
Open source education content for the researcher community
Para pencari bug / celah kemanan bisa bergabung.
"Can I take over XYZ?" β a list of services and how to claim (sub)domains with dangling DNS records.
CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
Mobile penetration testing android command cheatsheet
Wordlist for content(directory) bruteforce discovering with Burp or dirsearch
Payloads for CRLF Injection
Web path scanner
Directory/file & DNS busting tool written in Go
:pushpin: A guide for amateurs pen testers and a collection of hacking tools, resources and references to practice ethical hacking, pen testing and web security.
The unofficial HackerOne disclosure Timeline
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Knock Subdomain Scan
XSS payloads for exploiting Markdown syntax
Subdomain Scanner Tools with word-lists
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static, dynamic analysis and web API testing.
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
Open Redirect Payloads