Discover dwisiswant0/BitslerBOT Open Source project

A collection of awesome one-liner scripts especially for bug bounty tips.

4,624

awesome-oneliner-bugbounty

2,438

crlfuzz

A fast tool to scan CRLF vulnerability written in Go

1,224

go-dork

The fastest dork scanner written in Go.

998

findom-xss

A fast DOM based XSS vulnerability scanner with simplicity.

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

717

ppfuzz

Rust

546

gf-secrets

Secret and/or credential patterns used for gf.

CloudFlare Checker written in Go

229

cf-check

217

galer

A fast tool to fetch URLs from HTML attributes by crawl-in.

206

go-stare

A fast & light web screenshot without headless browser but Chrome DevTools Protocol!

163

proxylogscan

A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).

156

unew

A tool for append URLs, skipping duplicates/paths & combine parameters.

117

slackcat

A simple way of sending messages from the CLI output to your Slack with webhook.

110

ngocok

ngrok Collaborator Link — yet another Burp Collaborator alternative for free with ngrok.

103

tlder

TLDs finder — check domain name availability across all valid top-level domains.

wadl-dumper

Dump all available paths and/or endpoints on WADL file.

noizy

A drop-in replacement to Apple Hearing - Background Sounds with over 30+ available sounds.

ipfuscator

A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representations in Go.

chatgptui

ChatGPT 🤖 with Textual User Interface (TUI) mode written in Go.

hinject

Host Header Injection Checker

bounty-targets-alert

It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.

Running nuclei Continuously

continuous-nuclei

Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")

cve-2023-50164-poc

stargather

A fast GitHub stargazers information gathering tool

nuclei-templates-dir

Nuclei Templates Directory

CSS

look4jar

Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?

secpat2gf

convert secret patterns to gf compatible.

Hides message with invisible Unicode characters

unch

discat

A simple way of sending messages from the CLI output to your Discord channel with webhook.

nodep

A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.

cekBin

Free source to check, verify & validate BIN (Bank Identification Number), credit, debit, charge or a prepaid card.

Google Hack Database dork automatic tool.

gD0rk

A curated GitHub repository that's in-scope and eligible for bounty.

osscope

WiFiID

@wifi.id Account Extractor & Checker

Follina MS-MSDT 0-day MS Office RCE (CVE-2022-30190) PoC in Go

gollina

huntr-hacktivity

huntr.dev public disclosures/hacktivity watcher

Get faucet DOGE coin every minutes

Faucet-DOGE-Bot

croter

A faster way to bruteforce IEEE 802.11 WEP & WPA-PSK key with simplicity written in Go

siml

siml is a CLI tool for discovering similar, related to, competitive, or alternative options to a given site.

cox

Cox is bluemonday-wrapper to perform a deep-clean and/or sanitization of (nested-)interfaces from HTML to prevent XSS payloads.

shloop

Want to execute command repeatedly without workache? Here is shloop born for it!

CVE-2020-5902

slacksh

Interactivity with *nix shell system flexibly via Slack slash commands.

S3-Downloader

AWS S3 Downloader

Get newest cryptocurrency coin price notifications from Indodax market on your desktop!

indodax-notify

Caido's passive workflow to find potential leaked secrets, PII, and sensitive fields.

leakz-passive-workflow

JavaScript

yt-dl

YouTube Download

Updated common web attack threat dataset

cwa-filter-rules

CVE-2020-24148 Proof-of-Concept

CVE-2020-24148

increment-commit-hash

Auto replaces commit hash prefix incrementally with lucky-commit by hooking post-commit.

A crack 💥 version of Ghostify, that helps you view Instagram stories without a trace (the story owner won't know you saw their story!)

ghostify-crack

CSS

advisory

My advisories (backlog)

CVE-2020-9496

rotatemyass

An HideMyAss wrapper as IP proxy rotating

xiaomi-backup

Xiaomi Backup Applications

Posting Public Telegram Channel Messages to Slack Channel

Teleslack

Go library to wait for the detached/unmounted state of a path.

unmountpoint

cpenum

A fast tool for cPanel user enumeration

CVE-2018-7600

PoC for CVE-2018-7600 Drupal SA-CORE-2018-002 (Drupalgeddon 2).

Prepare Git Commit Message with AI: Write commit message based on code changes with AI.

prepare-commit-msg-ai

foaas-discord

FOaaS Discord BOT integration to telling people to fuck off!

JavaScript

SpoonBOT

Spoon Cast BOT Tools

An gologger (by ProjectDiscovery) wrapper to display backtrace

never-gonna-give-u-up

gologger-backtracer

cloe

CL.0 ee! Client-side desync fuzzing [WIP]

JavaScript

bash_recon

slack-boti

PHP Webhook for Slack BOT Interactivity with Slash Commands

Recursively repository cloning & do something inside that shit

codeql-javascript-unsafe-jquery-plugin

CodeQL

ibin

[WIP] Ignore binaries

Omnibus

shitclone