dora
hackerone-reports
dora | hackerone-reports | |
---|---|---|
6 | 2 | |
299 | 3,237 | |
- | - | |
0.0 | 6.3 | |
6 months ago | 26 days ago | |
Python | Python | |
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dora
- Created a tool to find exposed API keys based on RegEx and get exploitation methods for some of keys that are found
- Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found
- Find exposed API keys based on RegEx and get methods to exploit them
- Made a script to find exposed API keys based on RegEx and get exploitation methods for some of keys that are found
- dora - Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found
hackerone-reports
- GitHub - reddelexc/hackerone-reports: Top disclosed reports from HackerOne
-
XXE (XML External Entity) Attack & Prevention
There was an interesting case on Hackerone where the XMP metadata of a JPG file was getting parsed unsafely. There are many other interesting XXE bugs there as well if you want to take a look.
What are some alternatives?
routersploit - Exploitation Framework for Embedded Devices
reconftw - reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
bounty-targets-data - This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
hackthebox - Notes Taken for HTB Machines & InfoSec Community.
basecrack - Decode All Bases - Base Scheme Decoder
Exif-Maniac - Post Exploitation Framework via Exif Data in images
h4cker - This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
SpringShell - Spring4Shell - Spring Core RCE - CVE-2022-22965
OneForAll - OneForAll是一款功能强大的子域收集工具
OWASP-Xenotix-XSS-Exploit-Framework - OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
Lethe - Python Pentesting Framework
CVE-2021-40444 - CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit