- š Hi, Iām @spongyB
- š Iām interested in Ethical Hacking and BugBounty
- š± Iām currently learning ...
spongyb Goto Github PK
Name: Spongybone
Type: User
Twitter: Phinehas91
Name: Spongybone
Type: User
Twitter: Phinehas91
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
Contextual Content Discovery Tool
The purpose of #Learn365 collection is to create informational content in multiple codecs and share with the community to allow knowledge advent and studying.
A python script that finds endpoints in JavaScript files
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading
Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth.
Log4j2 RCE Passive Scanner plugin for BurpSuite
A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.
MayorSec DNS Enumeration Tool
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
Python3 o365 User Enumeration Tool
Rockyou for web fuzzing
OpenBugBounty - https://www.openbugbounty.org/ programs list
A Workflow Engine for Offensive Security
Mining parameters from dark corners of Web Archives
Prototype pollution scanner using headless chrome
Project Morya is just a collection of bash scripts that runs iteratively to carry out various tools and recon process & store output in an organized way
Let's check if your target is vulnerable for client side prototype pollution.
Prototype Pollution Scanner
A Burp Suite extension to add OpenAI to Burp to help you with your Bug Bounty recon!
Automated Recon for Pentesting & Bug Bounty
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
An AIO Tool to check for Vulnerable Amazon S3 Buckets as part of Bug Bounty, the uniqueness of this tool is that it can take a file full of buckets, and check all of them with various attack scenarios if they are vulnerable
Scan for open S3 buckets and dump the contents
ScanT3r - Module based Bug Bounty Automation Tool
The original slurp source
A blazing fast & feature rich Amazon S3 bucket enumerator.
Attack Surface Management Platform | Sn1perSecurity LLC
A declarative, efficient, and flexible JavaScript library for building user interfaces.
š Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ššš
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ā¤ļø Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.