Stars
All About Dependency Confusion Attack (Detecting, Finding, Mitigating)
Tool to check for dependency confusion vulnerabilities in multiple package management systems
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
A collection of PDF/books about the modern web application security and bug bounty.
Install Kali Linux on Android using Termux!
Tool for advanced mining for content on GitHub
A browser extension to read medium.com articles for free without membership.
SecretFinder - A Python script to find sensitive data (apikeys, accesstoken, jwt, ..) and search for anything in JavaScript files
Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...
GF Patterns for (ssrf, RCE, Lfi, sqli, ssti, idor, url redirection, debug_logic, interesting Subs) parameters grep
A collection of awesome penetration testing resources, tools and other shiny things
Gospider - Fast web spider written in Go
An OOB interaction gathering server and client library
Find broken links, missing images, etc within your HTML.
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
This script is intended to automate your reconnaissance process in an organized fashion
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
Small tool to package javascript into a valid image file.
A fast tool to scan CRLF vulnerability written in Go
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Accept URLs on stdin, replace all query string values with a user-supplied value