🕵️ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens, hardcoded credentials, etc.

「🔑」A tool used to hunt down API key leaks in JS files and pages

Scan MCP servers for potential threats & security findings.

A New Approach to Directory Bruteforce with WaybackLister v1.0

ThreatTracer - A python Script to identify CVE by name & version and more by @FR13ND0x7F

Unveiling Cyber Threats: From assets to Vulnerability Insights

Parses nessus vulnerability scan data to streamline CVE POC lookups

Weaponizing WaybackUrls for Recon, BugBounties , OSINT, Sensitive Endpoints and what not

Effortless data labeling with AI support from Segment Anything and other awesome models.

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

This repo contains scripts to query dehashed.com and crack the returned hashes which will then save all cleartext passwords and hashes to files.

A phonebook.cz scraper

Wappalyzer CLI tool to find Web Technologies

参数 | 字典 collections

Roadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome

XSS payloads designed to turn alert(1) into P1

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )