Sn1per Public
Attack Surface Management Platform
BlackWidow Public
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
BruteX Public
Automatically brute force all services running on a target.
1N3 Public
Sr. Penetration Tester. Creator of Sn1per. Top 20 worldwide on @BugCrowd in 2016. OSCE/OSCP/CISSP/Security+
Goohak Public
Automatically Launch Google Hacking Queries Against A Target Domain
ReverseAPK Public
Quickly analyze and reverse engineer Android packages
forbidden Public
Forked from ivan-sincek/forbiddenBypass 4xx HTTP response status codes and more. Based on PycURL.
Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield
massdns Public
Forked from blechschmidt/massdnsA high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
rapiddns Public
Forked from nullt3r/rapiddnsRapidly enumerate subdomains and domains using rapiddns.io.
InfoSec-Black-Friday Public
Forked from 0x90n/InfoSec-Black-FridayAll the deals for InfoSec related software/tools this Black Friday
AttackSurfaceManagement Public
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Exploits Public
Exploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity
IntruderPayloads Public
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Findsploit Public
Find exploits in local and online databases instantly
DirDar Public
Forked from M4DM0e/DirDarDirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it
github-endpoints Public
Forked from gwen001/github-endpointsFind endpoints on GitHub.
IPGeoLocation Public
Forked from maldevel/IPGeoLocationRetrieve IP Geolocation information
Amass Public
Forked from owasp-amass/amassIn-depth Attack Surface Mapping and Asset Discovery
PowerExfil Public
A collection of data exfiltration scripts for Red Team assessments.
Sublist3r Public
Forked from aboul3la/Sublist3rFast subdomains enumeration tool for penetration testers
LinkFinder Public
Forked from GerbenJavado/LinkFinderA python script that finds endpoints in JavaScript files
gitGraber Public
Forked from hisxo/gitGrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
An automated Wireless RogueAP MITM attack framework.
slurp Public
Forked from gdraperi/slurp-1S3 bucket enumerator
CVE-2018-15473-Exploit Public
Forked from Rhynorater/CVE-2018-15473-ExploitExploit written in Python for CVE-2018-15473 with threading and export formats
CloudHunter Public
Find unreferenced AWS S3 buckets which have CloudFront CNAME records pointing to them
jexboss Public
Forked from joaomatosf/jexbossJexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
PrivEsc Public
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.