okaayfine's Projects
Combination of all my Resources, Links & Scripts
This cheatsheet is aimed at CTF players and beginners, to help them sort Hack The Box labs by operating system and difficulty.
Return domains in CSP headers in HTTP response
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Small, fast tool for performing reverse DNS lookups en masse.
Golang client for querying SecurityTrails API data
List of Helm-ready security tools to help your security team easily deploy applications on Kubernetes.
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
What happens behind the scenes when we type www.google.com in a browser?
Tutorials and Things to Do while Hunting Vulnerability.
Wiki for Pentesting iOS apps
University lecture on "IT Security" as Open Educational Resources material
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
JavaScript security analysis (JSA) is a program for JavaScript analysis during web application security assessment.
Automation for JavaScript recon in bug bounty.
🦁 Juumla is a python tool designed to identify and scan for version, config files in the CMS Joomla!
🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens
Go scripts for checking API key / access token validity
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, APIs, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters.
A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs, etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick wins.
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
Solidity-compatible BLS signatures, threshold encryption, distributed key generation library in modern C++. Actively maintained and used by SKALE for consensus, distributed random number gen, inter-chain communication and protection of transactions. BLS threshold signatures can be verified in Solidity, and used as random beacon (common coin)
Little Bug Bounty & Hacking Tools⚔️
Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts and gather service information
Batch detection of the log4j vulnerability, mainly by batch fuzzing of headers