Burp Plugin to Bypass WAFs through the insertion of Junk Data

Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist

TLDFinder is a Python package that identifies valid top-level domains (TLDs) for a list of domains with wildcard characters in the TLD.

Extract URLs, paths, secrets, and other interesting bits from JavaScript

makes some dorks for google, duckduckgo, bing and etc.

🔎 Dork Generator

Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.

Application to understand narrow recon

I will share my public tools here and strive to keep them updated in the future. Don't forget to give them a star! Your support is appreciated

A useful script to gather ASNs and prefixes of your target, while you are doing a wide recon process.

A useful script to gather ASNs and prefixes of your target, while you are doing a wide recon process. translated from AliSkh3ykhi Script

WordTally is a Python script designed to analyze text files and provide word frequency statistics.

🌐 Get Some Useful Info From Domain/IP/ASN 🔥

This script will run your custom nuclei ssl.yaml to gather more assets from your target.

A Python script designed to monitor bug bounty programs for any changes and promptly notify users.

"A program to receive the latest changes in the scopes of the programs on hackerone, bugcrowd, and yeswehack."

An automated GitHub Actions-based crawler that fetches and updates public scopes from popular bug bounty platforms.

😁 Easy Regex

Simple django rce exploitation with leaked SECRET_KEY variable

Drum Pad Machine Application

instagram ui clone

Deploy matrix with all dependencies using docker-compose

Running nuclei Continuously

go script for check some medium user and tags then add to database and send it to discord server.

Some files for bruteforcing certain things.

DNS rebinding toolkit

Hidden parameters discovery suite