Discover random-robbie/jamf-log4j Open Source project

aquatone results for sites with bug bountys

973

keywords

349

bugbounty-scans

Jira-Scan

cve-2020-0688

ssrf-finder

Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.

108

AWS-Scanner

Scans a list of websites for Cloudfront or S3 Buckets

104

bugbountydork

Bug Bounty Dork

This tests a list of s3 buckets to see if they have dir listings enabled or if they are uploadable

mass-s3-bucket-tester

AWS,AZURE,GOOGLE CLOUD IP CIDRS

cloud-cidr

open-redirect

Open Redirect Finder.

kube-scan

Kubernetes Scanner

retrive metadata endpoint data with these one liners.

metadata-one-liners

RPI-Control

Automated 433Mhz Control for Status Power Sockets using a Raspberry Pi

Vuln Liferay scanner & Exploit

liferay-pwn

Wheres My Git - Find /.git/config files based on dirs found in home url

wheres-my-git

InfiniteWP Client < 1.9.4.5 - Authentication Bypass

InfiniteWP-exploit

Dockerised Version of Frida

frida-docker

JavaScript

consul-pwn

Make a Consul Agent Grab Metadata endpoints

Finds Documents On Cloud Assets Using grayhatwarfare API for short urls

grayhatwarfare-docs-finder

Multiple Shells of the same code with different extentions.

s3-tko

AWS S3 Bucket Finder.

mini-php-shells

S3 Buckets that will let you list all files inside them

S3-Listable

aquatone-docker

Docker Version of Aquatone

wpa-cracking

Command List for Hashcat and default keyspaces.

All-in-One-WP-Migration-Backup-Finder

All-in-One WP Migration-Backup-Finder

little scripts of bash stuff that i've found handy.

bash-hacks

Install hamachi on your raspberry pi

rb-recon

hamachi-pi

Saves pages to Wayback machine

wayback-saver

Hikvision-Brute-Force

Brute Force Hikvision Devices that only allow PIN passwords

List of hosts from yahoo.com

yahoo-bug-bounty

wpa-masshandshakeextract

Needed a way to filter all my pwnagotchi handshakes.

Firebase url checker in go

firebaseio-checker-go

cve-2019-6715

redirector

Redirects any request with which ever http status code you want to a location of your choice

Checks a list of firebaseio to confirm they are working and have dev access to them

firebaseio-checker

Send a SMS to Control Your Linux Box

sms-command-server

Extract username and passwords from IPTV urls

extract-m3u

docker-massscan-webui

Masscan web gui

Add Stream links and generate a playlist.

M3U-Generator

twando

Twitter Multi Account

dumping random docker projects here

docker-dump

cve-2022-23131-exp

wifite2-docker

What-Security

What-Security Home Page

CSS

Aircrack-NG_RaspberryPI

Installer for Aircrack-NG / Airoscript For Raspberry Pi

This will grab a random dork and then save the output to a text file

google-dork

Abuse Open Selenium Gird or Node to get access to metadata endpoint.

selenium-abuser

SMS PI - Send a SMS via Your Raspberry PI UK SMS ONLY!

SMS-PI

CVE-2019-7616

POC for CVE-2019-7616 / ESA-2019-09

Extracts unique file and folder names from a list of urls.

wordlist-extractor

Checks if the domains MX records point at G-suite

g-suite-check

Grabs Storage Bucket Urls from CSP headers

csp-report-buckets

urlscan-search

urlscan.io search for domains

salesforce-ssrf

Tools i've made to help with working with data from https://www.binaryedge.io

CVE-2019-5418

CVE-2019-18935

My-Binary-Edge

XSS-image

XSS via images

Deb of xupnpd for raspberry pi

xupnpd-raspberry-armhf

js-source-mapper

Take JS files in and get .map versions if possible.

clippy-finalurl

githack

Check a text file of domains for any expired SSL Certificates

Dropbox-Mysql-Upload

Backup Mysql to Dropbox

bulk_ssl_expire

Squid Proxy that is classed as anon

squid-anon-docker

Dockerfile

github-about-me

Enter a Github Key and tell me about you

HTML

iptv-buster

Some horrible code i made a while back

screenshot-heroki

JavaScript

mot-checker

UK MOT/TAX checker for UK registered Vehicles

gcr-finder

Find Google GCR Repo's

Send a SMS and Your Raspberry Pi cam and it will send a MMS or Email or Tweet of the pic for you

PiCam-image-requester

WordPress Plugin for Use in Testing for PHP Object Injection

popplugin

Ruby

rubbish-links

Junk or gold

UniFi-Network-ipad-blocker

Script to block childs ipads from the internet using UniFi Network setup.

PHP to get admin username and password of DGN1000 to DGN2000

Netgear-DGN1000---DGN2200---Remote-Password-Finder

elastic-tko

Elasticbean Stalk TKO

Raspberry Pi PIR Intruder Alerts Via Push Bullet

serverless-whatismyip

pir-bullet

Serverless page for my subdomain takeovers.

tko-random-robbie

HTML

host-scanner

django-splitter

ignore for now

csp-report-extractor

Extracts CSP reports

RTMP_NGINX_SHOW

View Streams From Your Nginx Server

CSS

xsstrike-docker

XSStrike in Docker

Dockerfile

Python-Tweet-Dump

Dumping My Twitter Python Scripts

container to deploy for attacking k8s

yahoo-bugbountyscans

aquatone-scans of yahoo

HTML

netk8t

Dockerfile

spoofssid-docker

Docker container to spoof popular SSID's

wpscan-help

Output of WPSCAN --hh

selenium-metadata-grabber

Selenium Metadata Endpoint Grabber

Provides a list of IP's for your search.

censysio-ip-search

wp-engine

beerfarmers-bot

phonegap_smspi

Pir-tweet

Tweet's when motion detected

Flask-Ask Docker container with sample app that will automatically connect ngrok for use as an alexa skill

Flask-Ask-Docker