jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security v…

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

declutters url lists for crawling/pentesting

Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Accept URLs on stdin, replace all query string values with a user-supplied value

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

A python script to scan for Apache Tomcat server vulnerabilities.

your bestfried for finding LinkedIn Employees on github

GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep

your bestfried for finding URLs of a target