Kathan Patel

Collection of methodology and test case for various web vulnerabilities.

HowToHunt is a community-built collection of step-by-step guides for finding web security vulnerabilities, written by 72+ bug bounty hunters sharing real-world techniques and methodologies.

Automation for javascript recon in bug bounty.

A tool to check a bunch of URLs that contain reflecting params.

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SSRF Parameters.

Search breached data on private nodes, darkweb, internet, end-to-end channels

Prototype Pollution Scanner

All in one port scanning script.

Tool for fetching all the available waybackmachine snapshot urls

OpenBugBounty - https://www.openbugbounty.org/ programs list

Programs I Made while learning python for pentesters.

Some Templates for Bash Scripting

No description.

No description.

The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform

Wordlists for Fuzzing

No description.

Search for leaked credentials

ReconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Ressources for bug bounty hunting

Different Android Challenges I solved.

Some files for bruteforcing certain things.

Tool to find JavaScript files on Websites

A Simple Port Scanner with Multi-Threading And User Define Port Range

this are some web scrapers i built during learning web scraping

Web Security Checklist (Bug Bounty & Pentesting)

No description.

No description.

My subdomain enumeration

An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters.

Simple Python Script to Parse Apache Log, Get all Unique IPs and Urls visited by that IP.

Tool is to check for Cache Deception Attack Both For Authenticated and UnAuthenticated Pages

Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs

Open Redirection Analyzer

No description.

A tools for JavaScript Recon

Tool to find stored robots.txt files from the past

A Spotify hook that cracks DRM protection and allows to download songs.

Hacking tools

Multithreaded Host Header Redirection Scanner

Fast subdomains enumeration tool for penetration testers

game of active directory

No description.

Small program made while learning golang.

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

DNS Recon | Brute Forcer | DNS Zone Transfer | DNS Wild Card Checks | DNS Wild Card Brute Forcer | Email Enumeration | Staff Enumeration | Compromised Account Checking

This tool is for automate the initial things that we usually do in daily pentesting. So you can focus more on the main target.

An automated approach to performing recon for bug bounty hunting and penetration testing.

No description.

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

A tool that can help detect and takeover subdomains with dead DNS records

Hacks For Subdomain Enumeration

Web Application Security Scanner

bash script for Subdomain Enumeration

No description.

Recon for Department of Defense HackerOne program

Mahawiki webinar resources and speakers

Reconnaisance Tool

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

A script to set up a quick Ubuntu 17.10 x64 box with tools I use.