bpavesi

bpavesi

5 followers · 11 following

confused Public
Forked from visma-prodsec/confused

Tool to check for dependency confusion vulnerabilities in multiple package management systems

Go MIT License Updated Aug 19, 2024
bug-bounties Public
Forked from Lissy93/bug-bounties

⚔️ A compiled list of companies who have active programs for responsible disclosure

Svelte MIT License Updated Aug 18, 2024
slrp Public
Forked from nfx/slrp

rotating open proxy multiplexer

Go MIT License Updated Aug 15, 2024
h2spacex Public
Forked from nxenon/h2spacex

HTTP/2 Single Packet Attack low Level Library / Tool based on Scapy‌ + Exploit Timing Attacks

Python GNU General Public License v3.0 Updated Aug 12, 2024
hydra Public
Forked from ory/hydra

OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Securi…

Go Apache License 2.0 Updated Jul 5, 2024
kratos Public
Forked from ory/kratos

Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, …

Go Apache License 2.0 Updated Jun 24, 2024
oathkeeper Public
Forked from ory/oathkeeper

A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust whi…

Go Apache License 2.0 Updated Jun 24, 2024
first-sequence-sync Public
Forked from Ry0taK/first-sequence-sync

Python Updated Jun 21, 2024
hackerone-reports Public
Forked from reddelexc/hackerone-reports

Top disclosed reports from HackerOne

Python Updated Apr 20, 2024
Galaxy-Bugbounty-Checklist Public
Forked from 0xmaximus/Galaxy-Bugbounty-Checklist

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Updated Feb 12, 2024
Web-Attack-Cheat-Sheet Public
Forked from riramar/Web-Attack-Cheat-Sheet

Web Attack Cheat Sheet

Updated Dec 16, 2023
hudsucker Public
Forked from omjadas/hudsucker

Intercepting HTTP/S proxy

Rust Apache License 2.0 Updated Dec 7, 2023
dirsearch Public
Forked from maurosoria/dirsearch

Web path scanner

Python Updated Dec 3, 2023
jsmon Public
Forked from robre/jsmon

a javascript change monitoring tool for bugbounties

Python MIT License Updated Dec 2, 2023
BBTz Public
Forked from m4ll0k/BBTz

BBT - Bug Bounty Tools (examples💡)

Python Updated Nov 25, 2023
fuzz4bounty Public
Forked from 0xPugal/fuzz4bounty

1337 Wordlists for Bug Bounty Hunting

Updated Nov 13, 2023
cruster Public
Forked from sinKettu/cruster

Intercepting MitM proxy with flexible security scanner power

Rust Apache License 2.0 Updated Oct 23, 2023
awesome-burp-extensions Public
Forked from snoopysecurity/awesome-burp-extensions

A curated list of amazingly awesome Burp Extensions

Creative Commons Zero v1.0 Universal Updated Aug 17, 2023
probable_subdomains Public
Forked from zzzteph/probable_subdomains

Subdomains analysis and generation tool. Reveal the hidden!

GNU General Public License v3.0 Updated Aug 6, 2023
TLS-Attacker Public
Forked from tls-attacker/TLS-Attacker

TLS-Attacker is a Java-based framework for analyzing TLS libraries. It can be used to manually test TLS clients and servers or as as a software library for more advanced tools.

Java Apache License 2.0 Updated Jul 7, 2023
Facebook-BugBounty-Writeups Public
Forked from jaiswalakshansh/Facebook-BugBounty-Writeups

Collection of Facebook Bug Bounty Writeups

Updated Jun 27, 2023
awesome-wordlists Public
Forked from gmelodie/awesome-wordlists

A curated list wordlists for bruteforcing and fuzzing

Apache License 2.0 Updated Jun 22, 2023
vulnerability-Checklist Public
Forked from Az0x7/vulnerability-Checklist

Updated May 21, 2023
navgix Public
Forked from zeroc00I/navgix

navgix is a multi-threaded golang tool that will check for nginx alias traversal vulnerabilities

Go Updated May 20, 2023
CVE-2021-44228-Apache-Log4j-Rce Public
Forked from tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce

Apache Log4j 远程代码执行

Java Updated May 14, 2023
log4shell-vulnerable-app Public
Forked from christophetd/log4shell-vulnerable-app

Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).

Java Apache License 2.0 Updated May 11, 2023
PESD-Exporter-Extension Public
Forked from doyensec/PESD-Exporter-Extension

PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams

HTML Apache License 2.0 Updated Apr 18, 2023
google-dorks Public
Forked from Proviesec/google-dorks

Useful Google Dorks for WebSecurity and Bug Bounty

Updated Mar 12, 2023
Bug-Bounty-Wordlists Public
Forked from Karanxa/Bug-Bounty-Wordlists

A repository that includes all the important wordlists used while bug hunting.

MIT License Updated Mar 11, 2023
Dorks-collections-list Public
Forked from cipher387/Dorks-collections-list

List of Github repositories and articles with list of dorks for different search engines

Updated Mar 10, 2023

bpavesi

confused Public

Uh oh!

bug-bounties Public

Uh oh!

slrp Public

Uh oh!

h2spacex Public

Uh oh!

hydra Public

Uh oh!

kratos Public

Uh oh!

oathkeeper Public

Uh oh!

first-sequence-sync Public

Uh oh!

hackerone-reports Public

Uh oh!

Galaxy-Bugbounty-Checklist Public

Uh oh!

Web-Attack-Cheat-Sheet Public

Uh oh!

hudsucker Public

Uh oh!

dirsearch Public

Uh oh!

jsmon Public

Uh oh!

BBTz Public

Uh oh!

fuzz4bounty Public

Uh oh!

cruster Public

Uh oh!

awesome-burp-extensions Public

Uh oh!

probable_subdomains Public

Uh oh!

TLS-Attacker Public

Uh oh!

Facebook-BugBounty-Writeups Public

Uh oh!

awesome-wordlists Public

Uh oh!

vulnerability-Checklist Public

Uh oh!

navgix Public

Uh oh!

CVE-2021-44228-Apache-Log4j-Rce Public

Uh oh!

log4shell-vulnerable-app Public

Uh oh!

PESD-Exporter-Extension Public

Uh oh!

google-dorks Public

Uh oh!

Bug-Bounty-Wordlists Public

Uh oh!

Dorks-collections-list Public

Uh oh!