Payloads
Garud
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Payloads
Garud
What are some alternatives?
ssti-payloads - 🎯 Server Side Template Injection Payloads
Beginner-Bug-Bounty-Automation - Many script that can be modified according to your needs for Information Gathering and Asset discovery in Bug Bounty Hunting (Pull requests are welcome!)
PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
BugBountyScanner - A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.
malicious-pdf - 💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
LazyRecon - An automated approach to performing recon for bug bounty hunting and penetration testing.
ppfuzz - A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
Dnsrr - DNSrr is a tool written in bash, used to enumerate all the juicy stuff from DNS.
Sudomy - Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
ActiveDirectoryAttackTool - ADAT is a small tool used to assist CTF players and Penetration testers with easy commands to run against an Active Directory Domain Controller. This tool is is best utilized using a set of known credentials against the host.
wstg - The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
OPdirect - Tool to automate open redirect from a website.