Ahmed Elsherif's Projects
40,000+ Nuclei templates for security scanning and detection across diverse web applications and services
All about bug bounty (bypasses, payloads, and etc)
Generates permutations, alterations and mutations of subdomains and then resolves them
fuzzing API endpoint
A collection of awesome API Security tools and resources.
Awesome note-taking apps for hackers & pentesters !
A collection of various awesome lists for hackers, pentesters and security researchers
Awesome XSS stuff
BBT - Bug Bounty Tools (examples💡)
Bug Bounty Roadmaps
A collection of Bug Bounty Tips collected from GitHub to all bug bounty hunters
Bugbounty Resources
A list of interesting payloads, tips and tricks for bug bounty hunters.
هذا المستودع هي محاولة منا لاثراء المحتوي العربي بخصوص البج بونتي ومايحتويه من انواع ثغرات الي تقنيات مختلفة الي مصادر متعددة
This Burp extension extracts various data (path, parameter keys, parameter values, subdomains, etc.) from the sitemap. This data is used to create custom wordlists for directory/dns/parameter brute-forcing.
Go script for bypassing 403 forbidden
Extract pieces of info from a web page's Wayback Machine history
Simple script tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
Config files for my GitHub profile.
My name is Ahmed Elsherif.
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Making Favicon.ico based Recon Great again !
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
A wrapper around grep, to help you grep for things