blakduk

blakduk

5 followers · 2 following

vuln-bank Public
Forked from Commando-X/vuln-bank

A deliberately vulnerable banking application designed for practicing secure code reviews and API security testing. Features common vulnerabilities found in real-world applications, making it an id…

Python MIT License Updated Oct 5, 2025
google-dorks-bug-bounty Public
Forked from TakSec/google-dorks-bug-bounty

A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting

MIT License Updated Sep 29, 2025
DCOMUploadExec Public
Forked from deepinstinct/DCOMUploadExec

DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely

C++ Updated Dec 13, 2024
gerobug Public
Forked from gerosecurity/gerobug

The First Open Source Bug Bounty Platform

HTML GNU Affero General Public License v3.0 Updated Nov 21, 2024
apkeep Public
Forked from EFForg/apkeep

Rust MIT License Updated Aug 15, 2024
APKEditor Public
Forked from REAndroid/APKEditor

Powerful android apk editor - aapt/aapt2 independent

Java Apache License 2.0 Updated Aug 2, 2024
android-unpinner Public
Forked from mitmproxy/android-unpinner

Remove Certificate Pinning from APKs

JavaScript Updated May 23, 2024
VulnLab Public
Forked from Yavuzlar/VulnLab

CSS Other Updated May 12, 2024
google-dorks Public
Forked from Proviesec/google-dorks

Useful Google Dorks for WebSecurity and Bug Bounty

Updated Mar 30, 2024
sourcemapper Public
Forked from denandz/sourcemapper

Extract JavaScript source trees from Sourcemap files

Go BSD 3-Clause "New" or "Revised" License Updated Mar 22, 2024
vBank Public
Forked from vchan-in/fvb

vBank is a vulnerable bank application that demonstrates how to exploit common REST and GraphQL API vulnerabilities, such as those listed in the OWASP API Security Top 10.

Vue MIT License Updated Feb 27, 2024
AD_Miner Public
Forked from AD-Security/AD_Miner

AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

JavaScript GNU General Public License v3.0 Updated Dec 8, 2023
sysreptor Public
Forked from Syslifters/sysreptor

Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.

Python Other Updated Nov 30, 2023
uber-apk-signer Public
Forked from patrickfav/uber-apk-signer

A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing s…

Java Apache License 2.0 Updated Oct 30, 2023
Advisories Public

2 1 Updated Oct 30, 2023
CVE-2023-36745 Public
Forked from N1k0la-T/CVE-2023-36745

Python Updated Oct 29, 2023
inventory Public
Forked from trickest/inventory

Asset inventory of over 800 public bug bounty programs.

Shell MIT License Updated Oct 24, 2023
EDRSandblast Public
Forked from wavestone-cdt/EDRSandblast

C Updated Oct 19, 2023
badsecrets Public
Forked from blacklanternsecurity/badsecrets

A library for detecting known secrets across many web frameworks

Python GNU General Public License v3.0 Updated Oct 12, 2023
PPLFault Public
Forked from gabriellandau/PPLFault

C Other Updated Oct 3, 2023
EDRSandblast-GodFault Public
Forked from gabriellandau/EDRSandblast-GodFault

EDRSandblast-GodFault

C Updated Aug 28, 2023
BypassAV Public
Forked from matro7sh/BypassAV

This map lists the essential techniques to bypass anti-virus and EDR

Updated Aug 9, 2023
JS_Telegram_Chegg_Unlock Public
Forked from Sidhureddi/JS_Telegram_Chegg_Unlock

Chegg Unlocks - Deploy in Fly.io

JavaScript Updated Jul 6, 2023
DavRelayUp Public
Forked from Dec0ne/DavRelayUp

DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the default settings).

C# Updated Jun 5, 2023
RedTeam-Tools Public
Forked from A-poc/RedTeam-Tools

Tools and Techniques for Red Team / Penetration Testing

Updated May 30, 2023
awesome-bugbounty-tools Public
Forked from vavkamil/awesome-bugbounty-tools

A curated list of various bug bounty tools

Creative Commons Zero v1.0 Universal Updated May 9, 2023
SWS-Recon-Tool Public
Forked from ShobhitMishra-bot/SWS-Recon-Tool

SWS-Recon is a Python Tool designed to performed Reconnaissance on the given target website- Domain or SubDomain. SWS-Recon collects information such as Google Dork, DNS Information, Sub Domains, P…

Python MIT License Updated Mar 16, 2023
Responder Public
Forked from lgandx/Responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Python GNU General Public License v3.0 Updated Mar 15, 2023
Weblogic-CVE-2023-21839 Public
Forked from DXask88MA/Weblogic-CVE-2023-21839

Java Updated Feb 21, 2023
exch_CVE-2021-42321 Public
Forked from 7BitsTeam/exch_CVE-2021-42321

C# Updated Oct 8, 2022

blakduk

vuln-bank Public

Uh oh!

google-dorks-bug-bounty Public

Uh oh!

DCOMUploadExec Public

Uh oh!

gerobug Public

Uh oh!

apkeep Public

Uh oh!

APKEditor Public

Uh oh!

android-unpinner Public

Uh oh!

VulnLab Public

Uh oh!

google-dorks Public

Uh oh!

sourcemapper Public

Uh oh!

vBank Public

Uh oh!

AD_Miner Public

Uh oh!

sysreptor Public

Uh oh!

uber-apk-signer Public

Uh oh!

Advisories Public

Uh oh!

CVE-2023-36745 Public

Uh oh!

inventory Public

Uh oh!

EDRSandblast Public

Uh oh!

badsecrets Public

Uh oh!

PPLFault Public

Uh oh!

EDRSandblast-GodFault Public

Uh oh!

BypassAV Public

Uh oh!

JS_Telegram_Chegg_Unlock Public

Uh oh!

DavRelayUp Public

Uh oh!

RedTeam-Tools Public

Uh oh!

awesome-bugbounty-tools Public

Uh oh!

SWS-Recon-Tool Public

Uh oh!

Responder Public

Uh oh!

Weblogic-CVE-2023-21839 Public

Uh oh!

exch_CVE-2021-42321 Public

Uh oh!