reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

Asset inventory of over 800 public bug bounty programs.

An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

My subdomain enumeration script. It's unique in the way it is built upon.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

🔨 List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft, Oracle (Cloud), GitHub, Facebook (Meta), OpenAI (GPTBot) and other with daily updates.

Bug Bounty ~ Awesomes | Books | Cheatsheets | Checklists | Tools | Wordlists | More

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty

bash scripting thing!

Crtsh Subdomain Enumeration | This bash script makes it easy to quickly save and parse the output from https://crt.sh website.

Local penetration testing lab using docker-compose.

Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.

My useful files for penetration tests, security assessments, bug bounty and other security related stuff

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, making it a valuable asset for bug bounty hunters and penetration testers.

Find Email Spoofing Vulnerablity of domains

Curated lists of InfoSec on Twitter. Find out who's awesome to follow!

A wrapper around tools used for subdomain enumeration, to automate the workflow, on a given domain, written in bash.