bhishma14 Goto Github PK
Type: User
Type: User
Test to see if an S3 bucket is misconfigured to allow public uploading of files
List of Google Dorks for sites that have responsible disclosure program / bug bounty program
All the labs in this repository simulate real world bugs I found in the wild
Run all your bug bounty VPN profiles in parallel and expose them via multiple local SOCKS proxies.
Plugin for Burp Suite Free wich detects dynamic JS generated on the server side
As name suggest. Currently in development
Burp Free plugin to test for host header injection vulnerabilities. (Development)
Burp reflected parameter finder... to find reflected parameters in responses for Burp Suite Free.
Burpsuite extension for log4j2rce
To book the bus
Pyhton script for HTTP 40X responses bypassing. Features: Verb tampering, headers, #bugbountytips tricks and 2454 User-Agents.
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Compiles a list of major CDN and WAF subnets.
A default credential scanner.
Chart-Of-Wordlist helps to create your own custom wordlist. Also in one repository, you can find a list of awesome wordlist.
A Proof of Concept for Clickjacking Attacks
Prototype Pollution and useful Script Gadgets
Awesome cloud enumerator
Cloudlist is a tool for listing Assets from multiple Cloud Providers.
CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
Cloud Security Posture Management (CSPM)
code reviews to practice
A multi-threaded scanner that helps identify CORS flaws/misconfigurations
CORS Misconfiguration Scanner
A fast tool to scan CRLF vulnerability written in Go
A Burp Suite extension for CSRF proof of concepts.
This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.
Exploiting a Cross-site request forgery (CSRF) attack to get a Remote Command Execution (RCE) through the Webmin's running process feature
bug bounty pull all subdomain data, hacker tools
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.