bugbounty-toolkit

🎯 Bug Bounty Recon Toolkit Automated recon toolkit for author...

v3nomEyE

The All-in-One P1 Bug Bounty Reconnaissance & Exploitation...

vulnscanx_v2

⚡ VulnScanX Advanced Vulnerability Scanning & Penetration...

reconauto

reconauto Automated b...

Exploit for OS Command Injection in Php

╔═══════════════════════════════════════════════════════╗...

claude-code-pentest

claude-code-pentest 6 Claude Code skills that automate th...

Penetration-testing-toolkit

Python Penetration Testing Toolkit A Python-based penetration t...

HackTheBox-Penetration-Testing-Methodology

HackTheBox Penetration Testing Methodology by 9mmpterodacty...

ctf-toolkit

Bug Bounty Recon Tool 🚀 The Ultimate Bug Bounty Recon Tool...

ReconPi

This is a reconnaissance tool called ReconPi, designed for use on a Raspberry Pi or a VPS. The tool is written in Bash and uses various scripts to perform extensive reconnaissance on a target domain. The tool's primary function is to gather information about a target domain, including subdomains,...

awesome-termux-hacking

This is an awesome list of Termux hacking tools. It appears to be a collection of various tools and frameworks for penetration testing, vulnerability assessment, and exploitation. The list includes tools for tasks such as: Subdomain enumeration e.g., Sublist3r Vulnerability scanning e.g., w3af,...

DNSSEC NSEC. The accidental treasure map to your subdomains

TL;DR: DNSSEC secures DNS but may unintentionally expose domain structures via NSEC/NSEC3 records, enabling zone walking to enumerate subdomains. NSEC openly lists domain names, making enumeration easy. NSEC3 hashes names, making enumeration harder, but attackers can still crack weak...

WebCopilot - An Automation Tool That Enumerates Subdomains Then Filters Out Xss, Sqli, Open Redirect, Lfi, Ssrf And Rce Parameters And Then Scans For Vulnerabilities

WebCopilot is an automation tool designed to enumerate subdomains of the target and detect bugs using different open-source tools. The script first enumerate all the subdomains of the given target domain using assetfinder, sublister, subfinder, amass, findomain, hackertarget, riddler and crt then...

Nodesub - Command-Line Tool For Finding Subdomains In Bug Bounty Programs

Nodesub is a command-line tool for finding subdomains in bug bounty programs. It supports various subdomain enumeration techniques and provides flexible options for customization. Features Perform subdomain enumeration using CIDR notation Support input list. Perform subdomain enumeration using AS...

Columbus-Server - API first subdomain discovery service, blazingly fast subdomain enumeration service with advanced features

Columbus Project is an API first subdomain discovery service, blazingly fast subdomain enumeration service with advanced features. Columbus returned 638subdomains of tesla.com in 0.231 sec. Usage By default Columbus returns only the subdomains in a JSON string array: curl...

Scriptkiddi3 - Streamline Your Recon And Vulnerability Detection Process With SCRIPTKIDDI3, A Recon And Initial Vulnerability Detection Tool Built Using Shell Script And Open Source Tools

Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools. How it works • Installation • Usage • MODES • For Developers • Credits Introducing SCRIPTKIDDI3, a powerful recon and initi...

Bbot - OSINT Automation For Hackers

BEE·bot OSINT automation for hackers. BBOT is a recursive , modular OSINT framework written in Python. It is capable of executing the entire OSINT process in a single command, including subdomain enumeration, port scanning, web screenshots with its gowitness module, vulnerability scanning with...

LiveTargetsFinder - Generates Lists Of Live Hosts And URLs For Targeting, Automating The Usage Of MassDNS, Masscan And Nmap To Filter Out Unreachable Hosts And Gather Service Information

Generates lists of live hosts and URLs for targeting, automating the usage of Massdns, Masscan and nmap to filter out unreachable hosts Given an input file of domain names, this script will automate the usage of MassDNS to filter out unresolvable hosts, and then pass the results on to Masscan to...

GooFuzz - Tool To Perform Fuzzing With An OSINT Approach, Managing To Enumerate Directories, Files, Subdomains Or Parameters Without Leaving Evidence On The Target's Server With Google Dorking

Credits Author: M3n0sD0n4ld Twitter: @DavidUton Description: GooFuzz is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories without making requests to the web server. Download and install: $ git clone...

Sub3Suite - A Free, Open Source, Cross Platform Intelligence Gathering Tool

Sub3 Suite is a research-grade suite of tools for Subdomain Enumeration, OSINT Information gathering & Attack Surface Mapping. Supports both manual and automated analysis on variety of target types with many available features & tools. For more information checkout the documentation Screenshots...