SAGAR DHAKAL's Projects
A cheat sheet that contains advanced queries for SQL Injection of all types.
Instant, Open source API security → API discovery, automated business logic testing and runtime detection.
A python script to scan for Apache Tomcat server vulnerabilities.
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
HTTP parameter discovery suite.
test
A curated list of various bug bounty tools
A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.
OSINT automation for hackers.
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
Some files for bruteforcing certain things.
Here Are Some Collected resource from twitter
BBT - Bug Bounty Tools
A repository that includes all the important wordlists used while bug hunting.
this is the list of bugbounty programs
one liner for directory bruteforcing
🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
Scanner for Cross-Site WebSocket Hijacking
CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator
Dradis Framework: Colllaboration and reporting for IT Security teams
music database(django+mysql)
My subdomain enumeration script. It's unique in the way it is built upon.
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
Find leaked secrets via github search
Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
Use these for the good cause!
Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!