28 Repositories
Python bug-bounty Libraries
IPscan - This Script is Framework To automate IP process large scope For Bug Hunting
IPscan This Script is Framework To automate IP process large scope For Bug Hunti
Dark Finix: All in one hacking framework with almost 100 tools
Dark Finix - Hacking Framework. Dark Finix is a all in one hacking framework wit
BETA: Layla - recon tool for bug bounty
WELCOME TO LAYLA Layla is a python script that automatically performs recon on a
EmailAll - a powerful Email Collect tool
EmailAll A powerful Email Collect tool 0x1 介绍 😲 EmailAll is a powerful Email Co
A reproduction repo for a Scheduling bug in AirFlow 2.2.3
A reproduction repo for a Scheduling bug in AirFlow 2.2.3
Find virtual hosts (vhosts) from IP addresses and hostnames
Features Enumerate vhosts from a list of IP addresses and domain names. Virtual Hosts are enumerated using the following process: Supplied domains are
Automated bug/error reporting for napari
napari-error-monitor Want to help out napari? Install this plugin! This plugin will automatically send error reports to napari (via sentry.io) wheneve
Automated tool to find & created Exploit Poc for Clickjacking Vulnerability
ClickJackPoc This tool will help you automate finding Clickjacking Vulnerability by just passing a file containing list of Targets . Once the Target i
Bug Alert: a service for alerting security and IT professionals of high-impact and 0day vulnerabilities
Bug Alert Bug Alert is a service for alerting security and IT professionals of h
Design by contract for Python. Write bug-free code. Add a few decorators, get static analysis and tests for free.
A Python library for design by contract (DbC) and checking values, exceptions, and side-effects. In a nutshell, deal empowers you to write bug-free co
telegram bug that discloses user's hidden phone number (still unpatched) (exploit included)
CVE-2019-15514 Type: Information Disclosure Affected Users, Versions, Devices: All Telegram Users Still not fixed/unpatched. brute.py is available exp
Simulating Log4j Remote Code Execution (RCE) vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution by executing remote exploit code.
py4jshell Simulating Log4j Remote Code Execution (RCE) CVE-2021-44228 vulnerability in a flask web server using python's logging library with custom f
Replication Code for "Self-Supervised Bug Detection and Repair" NeurIPS 2021
Self-Supervised Bug Detection and Repair This is the reference code to replicate the research in Self-Supervised Bug Detection and Repair in NeurIPS 2
Moodle community-based vulnerability scanner
badmoodle Moodle community-based vulnerability scanner Description badmoodle is an unofficial community-based vulnerability scanner for moodle that sc
GET-ACQ is a python tool used to gather all companies acquired by a given company domain name.
get-acq 🏢 GET-ACQ is a python tool used to gather all companies acquired by a given company domain name. It is done by calling SecurityTrails API. Us
BUG OUTBREAK is a game of adventure and shooting.
BUG OUTBREAK BUG OUTBREAK is a game of adventure and shooting. I am building the game for Github Game Off 2021. This game has 5 levels. You have to co
Django CacheMiddleware has a multi-threading issue with pylibmc
django-pylibmc-bug Django CacheMiddleware has a multi-threading issue with pylibmc. CacheMiddleware shares a thread-unsafe cache object with many thre
A telegram bot providing recon and research functions for bug bounty research
Bug Bounty Bot A telegram bot with commands to simplify bug bounty tasks Installation Use Road Map Installation BugBountyBot is open-source so you can
Early days of an Asset Discovery tool.
Please star this project! Written in Python Report Bug . Request Feature DISCLAIMER This project is in its early days, everything you see here is almo
GitScanner is a script to make it easy to search for Exposed Git through an advanced Google search.
GitScanner Legal disclaimer Usage of GitScanner for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to
👑 Discovery Header DoD Bug-Bounty
👑 Discovery Header DoD Bug-Bounty Did you know that DoD accepts server headers? 😲 (example: apache"version" , php"version") ? In this code it is pos
Submission to Twitter's algorithmic bias bounty challenge
Twitter Ethics Challenge: Pixel Perfect Submission to Twitter's algorithmic bias bounty challenge, by Travis Hoppe (@metasemantic). Abstract We build
Fetch the details of assets hosted on AWS.
onaws onaws is a simple tool to check if an IP/hostname belongs to the AWS IP space or not. It uses the AWS IP address ranges data published by AWS to
Amazing GitHub Template - Sane defaults for your next project!
🚀 Useful README.md, LICENSE, CONTRIBUTING.md, CODE_OF_CONDUCT.md, SECURITY.md, GitHub Issues and Pull Requests and Actions templates to jumpstart your projects.
GG Dorking is a tool to generate GitHub and Google dorking for pentesters and bug bounty hunters.
GG-Dorking GG Dorking is a python tool to generate GitHub and Google dorking links for pentesters and bug bounty hunters. It will help you to find imp
Trac is an enhanced wiki and issue tracking system for software development projects (mirror)
About Trac Trac is a minimalistic web-based software project management and bug/issue tracking system. It provides an interface to the Git and Subvers
A Python tool to automate some dorking stuff to find information disclosures.
WebDork v1.0.3 A open-source tool to find publicly available sensitive information about Companies/Organisations! WebDork A Python tool to automate so
A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
📂 Public Bug Bounty Targets Data By BugBountyResources A collection of over 5.1M sub-domains and assets belonging to bug bounty targets, all put in a