Category: WebApp PenTest

token-hunter

Token-Hunter: Collect OSINT for GitLab groups and members

Token-Hunter: Collect OSINT for GitLab groups and members and search the group and group members’ snippets, issues, and issue discussions for sensitive data that may be included in these assets. The information gathered is intended to complement and inform the use of...

byp4xx

byp4xx: bypass “403 Forbidden” responses

byp4xx: A bash script to bypass “403 Forbidden” responses with well-known methods discussed in #bugbountytips. Features: Multiple HTTP verbs/methods; Multiple methods mentioned in #bugbountytips; Multiple headers: Referer, X-Custom-IP-Authorization…; Allow redirects; Return the entire curl...

Web Extension for OSINT

Gotanda: browser Web Extension for OSINT

Gotanda is an OSINT extension. Gotanda is an OSINT (Open Source Intelligence) Web Extension for Firefox/Chrome. This Web Extension can search OSINT information from some IOCs in a web page (IP, Domain, URL, SNS, etc.). This Repository partly the studying and JavaScript...

Scylla

Scylla: Simplistic Information Gathering Engine

Scylla – The Simplistic Information Gathering Engine. Scylla is an OSINT tool developed in Python 3.6. Scylla lets users perform advanced searches on Instagram & Twitter accounts, websites/webservers, phone numbers, names. Scylla also allows...

Host Header Redirection Scanner

hostinjector: Multithreaded Host Header Redirection Scanner

HostInjector: Multithreaded Host Header Redirection Attack Scanner. Download: git clone https://github.com/xyele/hostinjector.git Use: usage: hostinjector.py [-h] --list LIST --threads THREADS --timeout TIMEOUT [--clear] optional arguments: -h, --help show this help message and exit --list LIST...