a1k-ghaz1's Projects
Toolkit to detect and keep track on Blind XSS, XXE & SSRF
A script to set up a quick Ubuntu 17.10 x64 box with tools I use.
BBT - Bug Bounty Tools (examples💡)
Generate Gmail Emailing Keyloggers to Windows.
Best Penetration Tools | أفضل أدوات الاختراق
A complete, modular, portable and easily extensible MITM framework.
BHHIT is a automated Host-Header-Injection attack detector.
Official Black Hat Arsenal Security Tools Repository
Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
Automatically exploit time-based blind SQL injection vulnerabilities
Blockchain v1.2 is a BTC lookup script written in Bash. The script can be used to track any Bitcoin address including total transactions, total received amount, final amount etc.
BlockCypher script extracts information from Bitcoin transaction ID including Transaction Code, Fee, Transacted amount, Final amount, Block hash, Block size and the date and time when the transaction was comepleted.
Automated security reporting from markdown templates (HackerOne is currently the platform supported)
An advanced multithreaded admin panel finder written in python.
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
A list of interesting payloads, tips and tricks for bug bounty hunters.
aquatone results for sites with bug bountys
Burp Free plugin to test for host header injection vulnerabilities. (Development)
Bypass WAF SQL Injection SQLMAP
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Web Content Discovery Tool
Python Library for Censys
⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.