Prompt Injections Everywhere

Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection

HTTP parameter discovery suite.

A tool to check a bunch of URLs that contain reflecting params.

best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect

Multi-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart

Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.

Full Nuclei automation script with logic explanation.

This repository comes from an Internet collection

All The Notes And Tips I FOund In Github And Twitter I Put Them Here

Pentest Report Generator

The SpecterOps project management and reporting engine

A DNS Bruteforcing Wordlist Generator

Some wordlists collected form github to all bug bounty hunters.

Dex to Java decompiler

Bambdas collection for Burp Suite Professional and Community.

HuntersEye is designed for Bug Bounty Hunters, and Security Researchers to monitor new subdomains and certificates for specified domains. The primary goal is to streamline and expedite the process …

Ultimate Wordlist for Web Content Discovery

Rockyou for web fuzzing

Tool to bypass 403/40X response codes.

Web Crawler for Identifying Entry Points

Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.

Burpsuite Plugin to detect Directory Traversal vulnerabilities

A curated list of amazingly awesome Burp Extensions