Attr1b's Projects
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Tutorials and Things to Do while Hunting Vulnerability.
checkout F/programs folder
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
Encrypted chat application in python
Community curated list of templates for the nuclei engine to find security vulnerabilities.
OpenSearch is a collection of simple formats for the sharing of search results.
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
This Contains all kind of resources for learning purpose which includes Conference, jobs, Bugbounty/pentesting HelpDesk, How to get started etc.
Project Morya is just a collection of bash scripts that runs iteratively to carry out various tools and recon process & store output in an organized way
This is a code repository for the corresponding video tutorial. In this video, we're going to build a Web 3.0 React Solidity Blockchain Application
Accept URLs on stdin, replace all query string values with a user-supplied value
Bug Bounty writeups, Vulnerability Research, Tutorials, Tips&Tricks
SecurityExplained is a new series after the previous learning challenge series #Learn365. The aim of #SecurityExplained series is to create informational content in multiple formats and share with the community to enable knowledge creation and learning.
Senior Java Developer / Cyber security Researcher “Jack of all trades !” I am a self-taught Bug Bounty Hunter /Cyber Security Enthusiast with a passion for programming and a penchant for learning new technologies. I have been a reliable team-player who envisages and develops production-worthy systems and applications for my clients. After 8 years of being an ardent programmer(JAVA ) , I switched gears to cyber security and became a Bug Bounty Hunter. I have experience working on pentesting labs such as Hackthebox, OSCP labs, Pentesterlab, Tryhackme, Virtualhackinglabs etc. I am excited to leverage my cross-domain knowledge and experience to resolve interesting problems. Twitter :- [https://mobile.twitter.com/sillydadddy] LinkedIn :- [https://www.linkedin.com/in/kishore-k-pai]
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Sub-Domain TakeOver Vulnerability Scanner
The Bug Hunters Methodology
So your teacher asked you to upload written assignments? Hate writing assigments? This tool will help you convert your text to handwriting xD
This repository contains all the supplement material for the book "The art of sub-domain enumeration"
TorGhost is an anonymization script. TorGhost redirects all internet traffic through SOCKS5 tor proxy. DNS requests are also redirected via tor, thus preventing DNSLeak. The scripts also disables unsafe packets exiting the system. Some packets like ping request can compromise your identity.
Vaf is a cross-platform very advanced and fast web fuzzer written in nim