-
resolvers Public
List of Fresh DNS resolvers updates every 1 hour
-
medium-writeups Public
This repository updates latest Bug Bounty medium writeups every 10 minutes, https://readmedium.com/Medium_URL, https://archive.ph/Medium_URL, https://freedium.cfd/Medium_URL
-
scope Public
An automated GitHub Actions-based crawler that fetches and updates public scopes from popular bug bounty platforms (like Hackerone/Bugcrowd/Intigriti/etc) (updates every 10 minutes)
-
stravac Public
List of all strava challenges, (updates every 6 hours).
-
targets-filter Public
Converting trickest and chaos bbp targets in json, updates every 12 hour
-
wordpress-plugins Public
Scrape all wordpress plugins (updates every 6 hour)
-
cvemapping Public
This repo Gathers all available cve exploits from github.
⚠️ Be careful Malware. -
xssrecon Public
XSSRecon automates the process of testing URL parameters for reflection of a test payload rix4uni and further checks how special characters are handled (allowed, blocked, or converted).
-
GarudRecon Public
GarudRecon automates domain recon with top open-source tools to discover assets, enumerate subdomains, and detect XSS, SQLi, LFI, RCE & more.
-
commoncrawlscans Public
A high-performance Go tool for scanning CommonCrawl index files, extracting URLs, and filtering them by file extensions. This tool processes CommonCrawl data concurrently and efficiently extracts U…
-
-
CVE-2025-55182 Public
A command-line tool for detecting CVE-2025-55182 and CVE-2025-66478 in Next.js applications using React Server Components.
-
-
tldinfo Public
Accurately separates a URL’s subdomain, domain, and public suffix, using the Public Suffix List (PSL).
-
unew Public
A high-performance command-line utility for processing and managing unique lines from input streams. Combining the functionality of sort, uniq, and tee, unew efficiently filters duplicates while of…
-
emailautomation Public
A powerful Go-based tool for automating bug bounty report emails. This tool processes markdown files, extracts target domains, finds email addresses, and sends beautifully formatted HTML emails to …
-
-
shortscan Public
Forked from bitquark/shortscanAn IIS short filename enumeration tool
-
axion Public
Forked from MrMahile/axionA Go CLI tool to control multiple VPS instances via SSH using a YAML configuration file.
Go UpdatedDec 30, 2025 -
react2shell-scanner Public
Forked from assetnote/react2shell-scannerHigh Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)
Python UpdatedDec 26, 2025 -
subhijack Public
A fast and efficient subdomain hijacking scanner that checks for takeover vulnerabilities by matching HTTP response bodies against predefined service fingerprints.
-
sftpsender Public
A lightweight CLI tool for uploading and downloading files/directories to/from remote servers using SFTP over SSH.
Go UpdatedDec 20, 2025 -
subdog Public
A powerful subdomain enumeration tool that aggregates data from multiple sources to create comprehensive lists of root subdomains.
-
emailextractor Public
High-speed Go email scraper that crawls sites and internal links concurrently to collect email addresses for reconnaissance, research, or sales intelligence.
-
WordList Public
Custom wordlist, updated regularly
-
linkinspector Public
linkinspector is a fast command-line tool for inspecting URLs and retrieving HTTP status codes, content lengths, and content types. It supports filtering and matching responses, and can process URL…
-
redirectfinder Public
A fast and efficient Open Redirect vulnerability scanner written in Go. This tool automates the process of testing URLs for open redirect vulnerabilities by replacing parameter values with redirect…
-
urldedupe Public
Forked from ameenmaali/urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
C++ MIT License UpdatedDec 15, 2025 -
ipfinder Public
IP Finder tool, ipfinder collects IP addresses from Shodan search queries.
-
gungnir Public
Forked from g0ldencybersec/gungnirCT Log Scanner
{{ message }}