Discover dwisiswant0/osscope Open Source project

A collection of awesome one-liner scripts especially for bug bounty tips.

4,770

awesome-oneliner-bugbounty

2,514

crlfuzz

A fast tool to scan CRLF vulnerability written in Go

1,274

go-dork

The fastest dork scanner written in Go.

1,066

findom-xss

A fast DOM based XSS vulnerability scanner with simplicity.

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

738

ppfuzz

Rust

561

gf-secrets

Secret and/or credential patterns used for gf.

CloudFlare Checker written in Go

229

cf-check

222

galer

A fast tool to fetch URLs from HTML attributes by crawl-in.

209

go-stare

A fast & light web screenshot without headless browser but Chrome DevTools Protocol!

168

proxylogscan

A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).

155

unew

A tool for append URLs, skipping duplicates/paths & combine parameters.

117

slackcat

A simple way of sending messages from the CLI output to your Slack with webhook.

112

ngocok

ngrok Collaborator Link — yet another Burp Collaborator alternative for free with ngrok.

106

tlder

TLDs finder — check domain name availability across all valid top-level domains.

noizy

A drop-in replacement to Apple Hearing - Background Sounds with over 30+ available sounds.

wadl-dumper

Dump all available paths and/or endpoints on WADL file.

chatgptui

ChatGPT 🤖 with Textual User Interface (TUI) mode written in Go.

ipfuscator

A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representations in Go.

hinject

Host Header Injection Checker

unch

Hides message with invisible Unicode characters

cve-2023-50164-poc

Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")

bounty-targets-alert

It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.

Running nuclei Continuously

continuous-nuclei

A fast GitHub stargazers information gathering tool

stargather

nuclei-templates-dir

Nuclei Templates Directory

CSS

look4jar

Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?

secpat2gf

convert secret patterns to gf compatible.

A simple way of sending messages from the CLI output to your Discord channel with webhook.

discat

nodep

A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.

cekBin

Free source to check, verify & validate BIN (Bank Identification Number), credit, debit, charge or a prepaid card.

Google Hack Database dork automatic tool.

gD0rk

@wifi.id Account Extractor & Checker

WiFiID

Automatically Betting for Bitsler.com

BitslerBOT

Follina MS-MSDT 0-day MS Office RCE (CVE-2022-30190) PoC in Go

gollina

huntr-hacktivity

huntr.dev public disclosures/hacktivity watcher

Get faucet DOGE coin every minutes

Faucet-DOGE-Bot

croter

A faster way to bruteforce IEEE 802.11 WEP & WPA-PSK key with simplicity written in Go

siml

siml is a CLI tool for discovering similar, related to, competitive, or alternative options to a given site.

leakz-passive-workflow

Caido's passive workflow to find potential leaked secrets, PII, and sensitive fields.

Cox is bluemonday-wrapper to perform a deep-clean and/or sanitization of (nested-)interfaces from HTML to prevent XSS payloads.

cox

shloop

Want to execute command repeatedly without workache? Here is shloop born for it!

CVE-2020-5902

slacksh

Interactivity with *nix shell system flexibly via Slack slash commands.

S3-Downloader

AWS S3 Downloader

Get newest cryptocurrency coin price notifications from Indodax market on your desktop!

indodax-notify

yt-dl

YouTube Download

Auto replaces commit hash prefix incrementally with lucky-commit by hooking post-commit.

increment-commit-hash

Updated common web attack threat dataset

cwa-filter-rules

CVE-2020-24148 Proof-of-Concept

CVE-2020-24148

ghostify-crack

A crack 💥 version of Ghostify, that helps you view Instagram stories without a trace (the story owner won't know you saw their story!)

CSS

advisory

My advisories (backlog)

CVE-2020-9496

rotatemyass

An HideMyAss wrapper as IP proxy rotating

xiaomi-backup

Xiaomi Backup Applications

Posting Public Telegram Channel Messages to Slack Channel

Teleslack

Go library to wait for the detached/unmounted state of a path.

unmountpoint

cpenum

A fast tool for cPanel user enumeration

CVE-2018-7600

PoC for CVE-2018-7600 Drupal SA-CORE-2018-002 (Drupalgeddon 2).

Prepare Git Commit Message with AI: Write commit message based on code changes with AI.

prepare-commit-msg-ai

nuclei-confuser

This repository gathers matchers from Nuclei templates designed to fool the Nuclei scanner.

foaas-discord

FOaaS Discord BOT integration to telling people to fuck off!

SpoonBOT

Spoon Cast BOT Tools

CL.0 ee! Client-side desync fuzzing [WIP]

cloe

An gologger (by ProjectDiscovery) wrapper to display backtrace

never-gonna-give-u-up

gologger-backtracer

bash_recon

slack-boti

PHP Webhook for Slack BOT Interactivity with Slash Commands

Recursively repository cloning & do something inside that shit

codeql-javascript-unsafe-jquery-plugin

CodeQL

ibin

[WIP] Ignore binaries

Omnibus

shitclone

LinkedIn Jobs -> Discord Webhook

docker-slim-action

TypeScript

dwisiswant0

linkedin-jobs-bot