Python script to enumerate valid Microsoft 365 domains, retrieve tenant name, and check for an MDI instance. - expl0itabl3/check_mdi

Welcome to my personal portfolio. I'm bug hunter at Bugcrowd & Independet Pentester with +3 years experience with BugBounty hunting.

Chase subdomains by parsing the results of Google and Yandex search results - w0ltage/subchase

HTTP 403 bypass tool. Contribute to trap-bytes/403jump development by creating an account on GitHub.

A Security Tool for Bug Bounty, Pentest and Red Teaming. - zan8in/afrog

Security Vulnerabilities published by Hackerone

A one liner Bash command which finds CORS in every possible endpoint. - kleiton0x00/CORS-one-liner

This cheat sheet contains payloads for bypassing URL validation. These wordlists are useful for attacks such as server-side request forgery, CORS ...

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities - six2dez/reconftw

A New Approach to Directory Bruteforce with WaybackLister v1.0 - anmolksachan/wayBackLister

BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-...