We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.
bugbounty-cheatsheet - A list of interesting payloads, tips and tricks for bug bounty hunters.
We welcome contributions from the public. The issue tracker is the preferred channel for bug reports and features requests.
security payloads infosec bugbountyNoSQLMap - Automated NoSQL database enumeration and web application exploitation tool.
NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases and web applications using NoSQL in order to disclose or clone data from the database. Originally authored by @tcsstool and now maintained by @codingo_ NoSQLMap is named as a tribute to Bernardo Damele and Miroslav's Stampar's popular SQL injection tool sqlmap. Its concepts are based on and extensions of Ming Chow's excellent presentation at Defcon 21, "Abusing NoSQL Databases".
nosql nosql-databases penetration-testing scanner security-audit security-tools security-toolset offensive-security enumeration databases mongodb couchdb web-application-security bugbounty redis mongodb-database sql-injection hacking hacking-tool hacktoberfestcan-i-take-over-xyz - "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records
Subdomain takeover vulnerabilities occur when a subdomain (subdomain.example.com) is pointing to a service (e.g. GitHub pages, Heroku, etc.) that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their page to that subdomain. For example, if subdomain.example.com was pointing to a GitHub page and the user decided to delete their GitHub page, an attacker can now create a GitHub page, add a CNAME file containing subdomain.example.com, and claim subdomain.example.com. You can read up more about subdomain takeovers here: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/.
security infosec bugbounty listStaCoAn - StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications
StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications*. This tool was created with a big focus on usability and graphical guidance in the user interface.
bugbounty security security-tools mobile-security static-code-analysisPrivEsc - A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits. For pre-compiled local linux exploits, check out https://www.kernel-exploits.com.
exploits privesc sql mysql hacking pentesting bugbountyAWSBucketDump - Security Tool to Look For Interesting Files in S3 Buckets
This is a tool that enumerates Amazon S3 buckets and looks for interesting files. I have example wordlists but I haven't put much time into refining them.
s3-bucket penetration-testing bugbounty enumerationVHostScan - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages
A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 (slidedeck). Dependencies will then be installed and VHostScan will be added to your path. If there is an issue regarding running python3 setup.py build_ext, you will need to reinstall numpy using pip uninstall numpy and pip install numpy==1.12.0. This should resolve the issue as there are sometimes issues with numpy being installed through setup.py.
security-audit penetration-testing penetration-test virtual-hosts web-application-security discovery-service hacking hacking-tool virtual-host vhost vhosts security-tools security hackthebox oscp ctf-tools offensive-security bugbounty reverse-lookups scannerxss-payload-list - 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page. For more details on the different types of XSS flaws, see: Types of Cross-Site Scripting.
xss xss-payloads xss-vulnerability xss-exploitation xss-detection xss-attacks xss-scanner xss-injection xss-poc xss-scanners website-vulnerability cross-site-scripting reflected-xss-vulnerabilities dom-based self-xss websecurity payloads xss-payload payload bugbountysubjack - Hostile Subdomain Takeover tool written in Go
Subjack is a Hostile Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked. With Go's speed and efficiency, this tool really stands out when it comes to mass-testing. Always double check the results manually to rule out false positives. Subjack will also check for subdomains attached to domains that don't exist (NXDOMAIN) and are available to be registered. No need for dig ever again! This is still cross-compatible too.
hostile subdomain takeover subdomain-takeover bug-bounty pentesting infosec bugbounty securitysecurity_whitepapers - Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
hacking bugbounty whitepapers webappsec pentesting itsecuritySubOver - A Powerful Subdomain Takeover Tool
Subover is a Hostile Subdomain Takeover tool originally written in python but rewritten from scratch in Golang. Since it's redesign, it has been aimed with speed and efficiency in mind. Till date, SubOver detects 30+ services which is much more than any other tool out there. The tool uses Golang concurrency and hence is very fast. It can easily detect and report potential subdomain takeovers that exist. The list of potentially hijackable services is very comprehensive and it is what makes this tool so powerful. You need to have Golang installed on your machine. There are no additional requirements for this tool.
subdomain-takeover subdomain subdomains bug-bounty bugbounty takeover-subdomain hostile hostile-subdomain-takeover takeover pentestingcsi - CSI (Continuous Security Integration) Framework => Automated Security Testing for CI/CD Pipelines & Beyond
If you're willing to provide access to commercial security tools (e.g. Rapid7's Nexpose, Tenable Nessus, QualysGuard, HP WebInspect, IBM Appscan, etc) please PM us as this will continue to promote CSIs interoperability w/ industry-recognized security tools moving forward. It's easy to agree that while corporate automation is a collection of proprietary source code, the core modules used to produce automated solutions should be open for all eyes to continuously promote trust and innovation...broad collaboration is key to any automation framework's success, particularly in the cyber security arena.
continuous-integration security automation continuous-testing continuous-security vulnerability-detection static-analysis security-framework devops telephony web ethical-hacking vagrant packer aws-ec2 penetration-testing bugbounty kali-linux kali kalilinuxInventus - Inventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers
Inventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers. It's a Scrapy spider, meaning it's easily modified and extendable to your needs. Inventus requires Scrapy to be installed before it can be run. Firstly, clone the repo and enter it.
bugbounty scrapy subdomains mit-license not-completely-terriblecontact.sh - An OSINT tool to find contacts in order to report security vulnerabilities.
An OSINT tool to find contacts in order to report security vulnerabilities. Make sure you have installed the whois and jq packages.
osint security infosec bugbountycurate - A tool for fetching archived URLs (to be rewritten in Go).
A tool for fetching archived URLs (to be rewritten in Go).
security security-tools bugbountylegal-bug-bounty - #legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs
This is the #legalbugbounty standardization project. As Amit Elazari explains in her Enigma talk and her papers - the legal landscape of bug bounties is currently lacking. Safe harbor is the exception, not the standard and thousands of thousands of hunters are put in "legal's" harm way. I've suggested that bug bounty legal terms, starting with safe harbor, could and should be standardized. Once standardization of bug bounty legal language is achieved, the bug bounty economy will become an alternate private legal regime in which white-hat hacking is celebrated through regulatory incentives. Standardization will start a race-to-the-top over the quality of bug bounty terms. This project, supported by CLTC, aims to achieve standardization of bug bounty legal terms across platforms, industries and sponsors, in line with the DOJ framework, and akin to the licenses employed by Creative Commons and the open source industry. This will reduce the informational burden and increase hackers’ awareness of terms (salience). It could also signal whether a particular platform or company conforms with the standard terms that are considered best practice.
legal bugbounty security infosecproof-of-concepts - A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability
A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability. Clone this repository to a website you use for testing purposes, publish everything, and you will be able to use all of the proof of concepts under the /proof-of-concepts/ directory (e.g. http://example.com/proof-of-concepts/pastejacking_reflected_xss_payload.html).
security infosec bugbounty poc proof-of-conceptsecurity-policy-specification-standard - This document proposes a way of standardising the structure, language, and grammar used in security policies
This document proposes a way of standardising the structure, language, and grammar used in security policies. The goal is to reduce ambiguity and confusion that stems from poorly-worded security policies. Organisations and individuals can refer back to this document if their security policy uses definitions found in this document. Please note, this is the informal specification; the Internet draft is located here: https://datatracker.ietf.org/doc/draft-foudil-spss/.
security infosec specification standard bugbountysmith - Simple wrapper for meg that sieves through meg's output for you.
Simple wrapper for meg that sieves through meg's output for you.
security security-tools bugbountybug-bounty-responses - A collection of response templates for invalid bug bounty reports.
A collection of response templates for invalid bug bounty reports. This project is designed to work well with @fransr's Template generator. I welcome contributions from the public.
infosec security bugbounty template
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.
