titosantana609 Goto Github PK

4-zero-3

403/401 Bypass Methods + Bash Automation + Your Support ;)

allaboutbugbounty

All about bug bounty (bypasses, payloads, and etc)

aquatone

A Tool for Domain Flyovers

ars0n-framework-srt

A lightweight version of my bug bounty hunting framework designed to be run on Synack's LP+ machines.

automatedlab

AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2019, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.

awesome-pentest

A collection of awesome penetration testing resources, tools and other shiny things

awesome-redteam-cheatsheet

Active Directory & Red-Team Cheat-Sheet in constant expansion.

bugbounty

Scripts I made while doing bug bounty

burpsuite-for-pentester

bypass-403

A simple script just made for self use for bypassing 403

commix

Automated All-in-One OS Command Injection Exploitation Tool.

crt_sh

A python script that will search crt.sh

dalfox

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

drawnmap

Friendly graphical output of the nmap tool that allows filtering by open ports

feroxbuster

A fast, simple, recursive content discovery tool written in Rust.

fuzzdb

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

homelabresources

List of resources for buiding a home lab

httpx

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

interactsh

An OOB interaction gathering server and client library

kali-hydration

A basic bash script to configure Kali

kingofbugbountytips

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..

offensive-payloads

List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.

oralyzer

Open Redirection Analyzer

pentesting-active-directory

Active Directory pentesting mind map

phishing-email-address-generator

PhishGen is a penetration testing and red teaming tool that automates the process of generating email addresses using names scraped from social media sites and scrapes email addresses from additional websites. This script was tested with Python 2.7

reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

santanas_scanner

This is a python based web scanner

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

secretfinder

SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files

syn-wstg

The Web Security Testing Guide is a comprehensive open source guide to testing the security of web applications and web services.