Jubaer Alnazi's Projects
Shows how to use async requests vs requests
A curated list of various bug bounty tools
āØ A curated list of awesome threat detection and hunting resources šµļøāāļø
Python application to port scan EC2 instances in your AWS inventory
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active D
BullDIR is a fast hidden directory/file scanner which scans for active and hidden directories in a target. The tool takes your given wordlist and exposes the valid directories or files.
This Chatbot is an interactive app developed to assist users to interact with their PDF. It is built using Open Source Stack. No OpenAI is required.
A fast tool to scan CRLF vulnerability written in Go
Faster requests on Python 3
š A beautiful recipe search engine made with modern JavaScript features š. Powered by food2fork API š“
Config files for my GitHub profile.
Tutorials and Things to Do while Hunting Vulnerability.
Jbin will gather all the URLs from the website and then it will try to expose the secret data from them such as API keys, API secrets, API tokens and many other juicy information.
š Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
Web API for nuclei and subfinder will help you automate your entire security testing workflow since you can host it anywhere and make it accessible.
Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
Parameter-Reflect-Finder is a python based tool that helps you find reflected parameters which can have potential XSS or Open redirection vulnerabilities.
Penetration Testing and Offensive Security Interview Questions
š” PoC auto collect from GitHub. ā ļø Be careful Malware.
Pentest Report Generator
Tools and Techniques for Red Team / Penetration Testing
A list of resources for those interested in getting started in bug bounties
List of regex for scraping secret API keys and juicy information.
Sniffcon has a wide list of powerful online bug bounty tools which can be used to find security vulnerabilities.
GitHub Actions for executing remote ssh commands.