https://github.com/mathis2001/webhackurls

Simple python OSINT tool for urls recon thanks to the waybackmachine.

bugbounty osint pentesting recon wayback-machine webarchive

Last synced: 27 Apr 2025

https://github.com/mathis2001/dorking

Some Dorking resources

censys-dorks dork dorking github-dorks google-dorks shodan-dorks twitter-dorks

Last synced: 16 Feb 2026

https://github.com/mathis2001/paramfirstcheck

ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, RCE and Open redirect

bugbounty parameters pentest top25

Last synced: 27 Apr 2025

https://github.com/mathis2001/cert4recon

Simple passive Python Recon tool for subdomains enumeration with crt.sh

bugbounty crt-sh information-gathering osint recon subdomain-enumeration

Last synced: 27 Apr 2025

https://github.com/mathis2001/paramchanger

ParamChanger is a tool allowing you to replace the parameters of a list of urls by a payload entered as an argument

bugbounty parameters pentest

Last synced: 27 Apr 2025

https://github.com/mathis2001/ParamChanger

ParamChanger is a tool allowing you to replace the parameters of a list of urls by a payload entered as an argument

bugbounty parameters pentest

Last synced: 10 Mar 2025

https://github.com/mathis2001/files-upload

Some useful files for upload features pentesting

bugbounty file-upload pentest pentesting php svg webshell

Last synced: 16 Aug 2025

https://github.com/mathis2001/m4ldu1n-oh

Collection of malduino scripts for pentesters and red teaming.

malduino malduino-scripts malduinoscripts pentest physique recon red-team

Last synced: 06 Mar 2026

https://github.com/mathis2001/Sp00fy

Simple python script to check for email spoofing on a given domain.

bugbounty dmarc email phishing spoofing

Last synced: 10 Mar 2025

https://github.com/mathis2001/sp00fy

Simple python script to check for email spoofing on a given domain.

bugbounty dmarc email phishing spoofing

Last synced: 19 Jul 2025

https://github.com/mathis2001/wordlists

Last synced: 09 Feb 2026

https://github.com/mathis2001/subpwnable

Are your (sub)domains pwnable ? SubPwnable is a simple Python tool designed to helps you answer this question.

bugbounty cname pentest subdomain-takeover

Last synced: 13 Jun 2025

https://github.com/mathis2001/showldan

Recon tool using shodan API to automate shodan information gathering process and find juicy stuff during bug hunting.

bug-bounty information-gathering pentest pentesting recon reconnaissance shodan shodan-api shodan-python

Last synced: 27 Apr 2025

https://github.com/mathis2001/twittosint

A simple Twitter OSINT tool written in python

osint recon twitter

Last synced: 31 Jul 2025

https://github.com/mathis2001/wappassivescan

Passive Vulnerability Scanner working with Wappalyzer API and MITRE CVE search functionnality.

bugbounty bugbounty-tool cve mitre passive-vulnerability-scanner pentest pentest-tool pentesting pentesting-tools wappalyzer

Last synced: 08 Jun 2026

https://github.com/mathis2001/lightraversal

LighTraversal is a tool designed to find basic directory traversal vulnerabilities

bugbounty lfi path-traversal pentest

Last synced: 15 Jun 2025

https://github.com/mathis2001/reflection

Reflected parameters checker for a list of urls. (Beta version needing a lot of improvement)

bugbounty parameters pentest reflected

Last synced: 23 Apr 2025

https://github.com/mathis2001/cve-2018-25031

CVE-2018-25031 tests

Last synced: 14 Feb 2026

https://github.com/mathis2001/Reflection

Reflected parameters checker for a list of urls. (Beta version needing a lot of improvement)

bugbounty parameters pentest reflected

Last synced: 10 Mar 2025

https://github.com/mathis2001/403bytepass

Python tool for forbidden urls bypassing

Last synced: 06 Jun 2026

https://github.com/mathis2001/dirhunter

Outil de brute force des repertoires de sites web semblable à dirbuster. (Mais avec une petite touche personnelle)

Last synced: 26 Feb 2025

https://github.com/mathis2001/GitDiscloser

Python recon tool for Github information disclosure research

bugbounty github pentesting recon

Last synced: 10 Mar 2025

https://github.com/mathis2001/mathis2001

Last synced: 19 Mar 2026

https://github.com/mathis2001/gitdiscloser

Python recon tool for Github information disclosure research

bugbounty github pentesting recon

Last synced: 15 May 2026

https://github.com/mathis2001/grepman

Simple bash script that aim to save time on security code and config review for web technologies.

bash-script code-review grep-search java javascript pentest php python ruby-on-rails

Last synced: 05 Apr 2026

https://github.com/mathis2001/triplex

Triplex (for Exported Extras Extraction) is a python script that is designed to search exported intents extras in decompiled APKs for a faster pentest and bug bounty recon.

android pentest pentest-tool pentesting pentesting-tools python3

Last synced: 06 Jan 2026

https://github.com/mathis2001/androholic

[Beta testing] Android bruteforcing tool for apps pentesting, simulating manual user typing with adb

adb android android-penetration-testing android-pentest android-pentesting brute-force brute-force-attacks bruteforce bruteforce-attacks mobile mobile-penetration-testing mobile-pentest pentest pentest-tool python python-script python3

Last synced: 28 Apr 2026

https://github.com/mathis2001/qrecipe

QRecipe is a simple python script that have been designed to fuzz Android and iOS apps QR code readers for multiple vulnerabilities depending on the given wordlist.

android-application appsec bugbounty fuzzing ios-app pentest qrcode qrcode-generator tool

Last synced: 10 May 2026

https://github.com/mathis2001/deepconfusion

Simple bash dependency confusion checker (npm, python and ruby)

bash dependency-confusion npmjs

Last synced: 05 Feb 2026

https://github.com/mathis2001/mysql-bruteforce

Python script for Mysql root account connexion bruteforce

Last synced: 20 Aug 2025

https://github.com/mathis2001/mail_bomber

Python mail bomber script

Last synced: 24 Jul 2025

https://github.com/mathis2001/vps

Hardening VPS

Last synced: 15 Sep 2025

https://github.com/mathis2001/simu_fildelaine

maquette simulant le système de fil de laine présents dans les avions avec une carte arduino uno, deux ventilateur 12V à 2 fils et deux potentiometres servants de levier et de palonnier. Les détails du montage de la maquette sont dans le dossier images.

Last synced: 16 May 2026

https://github.com/mathis2001/xsserious

PoC XSS scripts and HTMLi for BB

Last synced: 11 Jun 2026

https://github.com/mathis2001/offensive_labs

Offensive cybersecurity labs

Last synced: 18 Jun 2026

https://github.com/mathis2001/redos-lab

Introduction level ReDoS lab.

Last synced: 15 Sep 2025

https://github.com/mathis2001/burp-bambda

Burp Suite Bambda useful scripts.

bambdas burpsuite burpsuite-tools

Last synced: 02 Mar 2026

https://github.com/mathis2001/lightssticheck

LightSSTICheck is a tool designed to find basic SSTI vulnerabilities

bugbounty pentest ssti

Last synced: 11 May 2026

https://github.com/mathis2001/EzComments

EzComments is a tool allowing you to get all html and js comments of each url given to him

bugbounty comments pentest recon

Last synced: 10 Mar 2025

https://github.com/mathis2001/http2whois

Python script to easily use remote whois registries from local HTTP server (for pentesting purposes)

Last synced: 11 Jun 2026

https://github.com/mathis2001/android-semgrep-rules

A collection of semgrep rules for android apps static analysis and code review

Last synced: 09 Mar 2026

https://github.com/mathis2001/pathtrunc

Last synced: 04 Aug 2025

https://github.com/mathis2001/burp-suite-cert-ressources

Notes and ressources from Burp Suite Academy learning

Last synced: 06 Feb 2026

https://github.com/mathis2001/open2phish

Open redirect payloads wordlist generator

Last synced: 27 Jul 2025