irwpb Goto Github PK

.well-known

endpoint .well-known

adlab

Custom PowerShell module to setup an Active Directory lab environment to practice penetration testing.

api-security-checklist

Checklist of the most important security countermeasures when designing, testing, and releasing your API

arsenal

Arsenal is just a quick inventory and launcher for hacking programs

awesome-flipperzero

🐬 A collection of awesome resources for the Flipper Zero device.

bb-reports-templates

My small collection of reports templates

bug-bounty

Ressources for bug bounty hunting

bug-bounty-dorks

List of Google Dorks for sites that have responsible disclosure program / bug bounty program

bugbounty_cheatsheet

BugBounty_CheatSheet

burp-wordlist-generator

This Burp extension extracts various data (path, parameter keys, parameter values, subdomains, etc.) from the sitemap. This data is used to create custom wordlists for directory/dns/parameter brute-forcing.

burpsuite_403bypasser

Burpsuite Extension to bypass 403 restricted directory

byp4xx

40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...

bypass-403

A simple script just made for self use for bypassing 403

checklists

Red Teaming & Pentesting checklists for various engagements

cloudflare_enum

Cloudflare DNS Enumeration Tool for Pentesters

comparer

cve-2022-33679

One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html

cve-2022-36231

pdf_info <= 0.5.3 OS Command Injection

dalfox

🌙🦊 DalFox is an powerful open source XSS scanning tool and parameter analyzer, utility

droidbrute

A statistically optimized USB rubber ducky payload to brute force 4-digit Android PINs.

exploit

Just some exploits :P

ezxss

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

flutter-spy

Explore, analyze, and gain valuable data & insights from reverse engineered Flutter apps.

gap-burp-extension

Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist

gau

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

gf

A wrapper around grep, to help you grep for things

gtfonow

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

headers-bypass-list

image-upload-exploits

This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests and bug bounty.

jfscan

JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.