elb4rt0 Goto Github PK

airgeddon

This is a multi-use bash script for Linux systems to audit wireless networks.

all-in-one_bugbounty_pdf_bundles

atomic-harness

A tool to run and validate telemetry for Atomic Red Team tests

awesome-bugbounty-tools

A curated list of various bug bounty tools

awesome-oneliner-bugbounty

A collection of awesome one-liner scripts especially for bug bounty tips.

bartolomeo

beroot

Privilege Escalation Project - Windows / Linux / Mac

bheem

bot

Bot para telegram

broken-link-checker

Find broken links, missing images, etc within your HTML.

bugbountyscanner

A simple Bash script for Bug Bounty reconnaissance, intended for headless use.

bypass-web-application-firewalls

Bypassing-Web-Application-Firewalls-And-XSS-Filters A series of python scripts for generating weird character combinations and lists for BurpSuite Pro for bypassing web application firewalls (WAF) and XSS filters. These python scripts have been created to fuzz wierd combinations: URL Escape Characters HTML Escape Characters Binary Characters These scripts were created during an assessment, while trying to bypass a Web Application Firewall (WAF) in order to exploit a XSS vulnerability. Differnt webservers and browsers interpret URL and strange characters differently which could lead to the bypassing of security controls. When I tried to send a > or < character the WAF would block the request. The following URL escapes I have noticed are traslated to < > ' by Apache2 based web servers: %(N%(n%)S%)U%)^%)s%)u%*C%*E%*c%*e%,.%.#%1N%1n%2S%2U%2^%2s%2u%3C%3E%3c%3e%5.%7#%:C%:E %:c%:e%HN%Hn%IS%IU%I^%Is%Iu%JC%JE%Jc%Je%L.%N#%XN%Xn%YS%YU%Y^%Ys%Yu%ZC%ZE%Zc%Ze%.%^# %hN%hn%iS%iU%i^%is%iu%jC%jE%jc%je%l.%n#%xN%xn%yS%yU%y^%ys%yu%zC%zE%zc%ze%|

can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

chopchop

ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.

cmdshell

covenant

Covenant is a collaborative .NET C2 framework for red teamers.

crawler

Crawl website extract links

crimson

Reconstruction and automation of the reconnaissance phase.

cve-2020-0796

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

domain

Setup script for Regon-ng

dvcs-pillage

Pillage web accessible GIT, HG and BZR repositories

eaphammer

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

eko15

exploitdb

The official Exploit Database repository

extractor

Extract all the URL in a given link

ezxss

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

frog-fuzzuli

fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.

fuzz.txt

Potentially dangerous files

fuzzdb

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

ghostpack-compiledbinaries

Compiled Binaries for Ghostpack (.NET v4.0)