Jason Haddix's Projects
In-depth DNS Enumeration and Network Mapping
In-depth Attack Surface Mapping and Asset Discovery
ASN reconnaissance script
A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.
An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker Compose
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bucrowd LevelUp 2017 virtual conference
"Can I take over XYZ?" β a list of services and how to claim (sub)domains with dangling DNS records.
:steam_locomotive::train: - sturdy 4kb frontend framework
Awesome cloud enumerator
A collection of CTF solution types, i.e. not solutions to specific CTF challenges, but the general categories that those solutions fall under. Includes CTF solution categories for web, binary, network, crypto, and others. Please contribute!
Driving safety, simplicity, and standardization in vulnerability disclosure.
Open Source Responsible Disclosure Framework from Bugcrowd and CipherLaw
Setup script for Regon-ng
Dumps decrypted mach-o files from encrypted iPhone applications from memory to disk. This tool is necessary for security researchers to be able to look under the hood of encryption.
Damn Vulnerable IOS App (DVIA) is an IOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their IOS penetration testing skills in a legal environment. This application covers all the common vulnerabilities found in IOS applications (following OWASP top 10 mobile risks) and contains several challenges that the user can try. This application also contains a section where a user can read various articles on IOS application security. This project is developed and maintained by @prateekg147. The vulnerabilities and solutions covered in this app are tested upto IOS 7.0.4 .
gnmapper - Greppable NMAP (gnmap) to CSV parser / converter written in bash
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
CT Log Scanner
The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform
Internal Monologue Attack: Retrieving NTLM Hashes without Mimikatz
ios source grepper
a .js scanner, built in php. designed to scrape urls and other info
β‘·β πππππ ππΈβ β’Ύ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)