All In One Web Recon

Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts

Web Path Finder

Find S3 AWS/GCP/Azure buckets while surfing. S3DNS acts as DNS server, follows CNAMEs and matches any bucket pattern

Whitepass Bypass Whitelist/Ratelimit Implementations in Web Applications/APIs

The CyberTalents repository is a collection of solutions and write-ups for challenges sourced from the CyberTalents platform. Organized topic, this repository serves as a resource for cybersecurity enthusiasts seeking to enhance their skills and understanding of security concepts.

A powerful recon tool

Small tool to decode ASP.NET __VIEWSTATE variable when doing webpentests

The simplest way to integrate your subdomain enum outputs with Burp Pro (Fast Crawler)

Erlik 2 - Vulnerable-Flask-App

This extension allows you to detect implementations of postMessage function, addEventListener("message",function) event handler and onMessage function.

web application penetration testing and security notes.

jsonAnalytic - List all keys & all values in json

🔧 A simple but powerful CLI-based toolkit for basic reconnaissance — includes subdomain discovery, header scanning, port scanning, etc.

Admin Finder Tool is a Python-based tool designed to help security professionals, penetration testers, and website administrators identify potentially sensitive admin areas on a website. The tool works by testing a list of common admin URL paths and checking if any of these return a 200 HTTP status code, indicating that they exist.

A collaborative repository for web pentesting notes and tool commands. Contribute your knowledge to build a comprehensive resource for Web pentester, Bug bounty hunter, Ethical hacker and security professionals.