fuzzdb – Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
IntruderPayloads – A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
smuggler – An HTTP Request Smuggling / Desync testing tool written in Python 3
h2csmuggler – HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
tiscripts – These scripts I use to create Request Smuggling Desync payloads for CLTE and TECL style attacks.
Server Side Request Forgery
SSRFmap – Automatic SSRF fuzzer and exploitation tool
Gopherus – This tool generates gopher links for exploiting SSRF and gaining RCE in various servers
ground-control – A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.
SSRFire – An automated SSRF finder. Just give the domain name and your server and chill! Also has options to find XSS and open redirects
httprebind – Automatic tool for DNS rebinding-based SSRF attacks
ssrf-sheriff – A simple SSRF-testing sheriff written in Go
B-XSSRF – Toolkit to detect and keep track of Blind XSS, XXE & SSRF
extended-ssrf-search – Smart ssrf scanner using different methods like parameter brute forcing in post and get…
gaussrf – Fetch known URLs from AlienVault’s Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SSRF Parameters.
sqlmap – Automatic SQL injection and database takeover tool
NoSQLMap – Automated NoSQL database enumeration and web application exploitation tool.
SQLiScanner – Automatic SQL injection with Charles and sqlmap api
SleuthQL – Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
mssqlproxy – mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse
sqli-hunter – SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
waybackSqliScanner – Gather urls from wayback machine then test each GET parameter for sql injection.
ESC – Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features.
mssqli-duet – SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
burp-to-sqlmap – Performing SQLInjection test on Burp Suite Bulk Requests using SQLMap
BurpSQLTruncSanner – Messy BurpSuite plugin for SQL Truncation vulnerabilities.
shadow-workers – Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious Service Workers (SW)
rexsser – This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.
xss-flare – XSS hunter on cloudflare serverless workers.
ground-control – A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.
dtd-finder – List DTDs and generate XXE payloads using those local DTDs.
docem – Utility to embed XXE and XSS payloads in docx, odt, pptx, etc. (oxml_xxe on steroids)
xxeserv – A mini webserver with FTP support for XXE payloads
xxexploiter – Tool to help exploit XXE vulnerabilities
B-XSSRF – Toolkit to detect and keep track of Blind XSS, XXE & SSRF
XXEinjector – Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
oxml_xxe – A tool for embedding XXE/XML exploits into different filetypes
metahttp – A bash script that automates the scanning of a target network for HTTP resources through XXE
Passwords
thc-hydra – Hydra is a parallelized login cracker which supports numerous protocols to attack.
DefaultCreds-cheat-sheet – One place for all the default credentials, to assist Blue/Red teamers in finding devices with default passwords
BruteX – Automatically brute force all services running on a target.
patator – Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
Secrets
git-secrets – Prevents you from committing secrets and credentials into git repositories
gitleaks – Scan git repos (or files) for secrets using regex and entropy
truffleHog – Searches through git repositories for high entropy strings and secrets, digging deep into commit history
gitGraber – Monitor GitHub to search and find sensitive data in real time for different online services
talisman – By hooking into the pre-push hook provided by Git, Talisman validates the outgoing changeset for things that look suspicious – such as authorization tokens and private keys.
GitGot – Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
git-all-secrets – A tool to capture all the git secrets by leveraging multiple open source git searching tools
github-search – Tools to perform basic search on GitHub.
git-vuln-finder – Finding potential software vulnerabilities from git commit messages
commit-stream – #OSINT tool for finding Github repositories by extracting commit logs in real time from the Github event API
gitrob – Reconnaissance tool for GitHub organizations
repo-supervisor – Scan your code for security misconfiguration, search for passwords and secrets.
GitMiner – Tool for advanced mining for content on Github
shhgit – Ah shhgit! Find GitHub secrets in real time
detect-secrets – An enterprise friendly way of detecting and preventing secrets in code.
rusty-hog – A suite of secret scanners built in Rust for performance. Based on TruffleHog
whispers – Identify hardcoded secrets and dangerous behaviours
yar – Yar is a tool for plunderin’ organizations, users and/or repositories.
dufflebag – Search exposed EBS volumes for secrets
earlybird – EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
postMessage-tracker – A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
autoSubTakeover – A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking out if subdomain takeover is possible.
NSBrute – Python utility to takeover domains vulnerable to AWS NS Takeover
can-i-take-over-xyz – “Can I take over XYZ?” — a list of services and how to claim (sub)domains with dangling DNS records.
cnames – Take a list of resolved subdomains and output any corresponding CNAMEs en masse.
Eagle – Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
cariddi – Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more…
Uncategorized
JSONBee – Ready-to-use JSONP endpoints/payloads to help bypass the content security policy (CSP) of different websites.
CyberChef – The Cyber Swiss Army Knife – a web app for encryption, encoding, compression and data analysis
bountyplz – Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
PayloadsAllTheThings – A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
bounty-targets-data – This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
httpx – httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probers using the retryablehttp library; it is designed to maintain result reliability with increased threads.