A Tool to find subdomains from hackerone reports.

Related tags

Security related resourceshactivity
Overview

Hactivity

A Tool to find subdomains from Hackerone reports of a given company or a search term (xss, ssrf, etc). It can also print out URL and Title of reports.

Installation:

Supported Browsers : Google Chrome, Chromium or Firefox. By default it uses chromium.

To Install Hactivity

$ git clone https://github.com/Sachin-v3rma/hactivity
$ cd hactivity && pip install -r requirements.txt
$ python3 Hactivity.py -h

Usage:

It searches the hackerone for a given keyword which can be a company name or vulnerabilty type. Hackerone uses javascript/dynamic pages thats why its not possible to fetch large amounts of data quickly. Also don't use like 20,30,100,etc threads, it will burn your poor little PC. It uses multiple browser instances so choose wisely.

NOTE : Use Exact Names of company/organization. Example : mailru (For mail.ru)

Example usage :

$ python3 Hactivity.py mailru -l 100
$ python3 Hactivity.py ssrf -r
$ python3 Hactivity.py xss -b firefox -l 50 -t 2
Flag Description
-h, --help show this help message and exit
-l 100 Fetch data from n number of reports
-t 2 Number of threads (Default : 5)
-r Find URL and Title only of reports
-b [ chrome, chromium, firefox ] Browser to use (Default : Chromium)

Buy Me A Coffee

Owner
Stinger
403 Forbidden
Stinger
GitHub Repository
This repo explains in details about buffer overflow exploit development for windows executable.

Buffer Overflow Exploit Development For Beginner Introduction I am beginner in security community and as my fellow beginner, I spend some of my time a

cris_0xC0 11 Dec 17, 2022
Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI

LFI-Hunter Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI A script written in

Anukul Pandey 6 Jan 30, 2022
Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD).

What is Spray365? Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). How is Spray3

Mark Hedrick 246 Dec 28, 2022
Cve-2021-22005-exp

cve-2021-22005-exp 0x01 漏洞简介 2021年9月21日,VMware发布安全公告,公开披露了vCenter Server中的19个安全漏洞,这些漏洞的CVSSv3评分范围为4.3-9.8。 其中,最为严重的漏洞为vCenter Server 中的任意文件上传漏洞(CVE-20

Jing Ling 146 Dec 31, 2022
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

Introduction evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files. It can process a high numbe

NVISO 116 Dec 29, 2022
A curated list of amazingly awesome Cybersecurity datasets

A curated list of amazingly awesome Cybersecurity datasets

758 Dec 28, 2022
MayorSec DNS Enumeration Tool

MayorSecDNSScan MSDNSScan is used to identify DNS records for target domains and check for zone transfers. There really isn't much special about it, a

Joe Helle 68 Dec 12, 2022
Tools for converting Nintendo DS binaries to an ELF file for Ghidra/IDA

nds2elf Requirements nds2elf.py uses LIEF and template.elf to form a new binary. LIEF is available via pip: pip3 install lief Usage DSi and DSi-enhan

Max Thomas 17 Aug 14, 2022
Nmap automated port scanner written in Python

port-scanner Nmap automated port scanner written in Python. USE: Clone the module Import the module: from portscanModule import portscanner Use: ports

Brayden Karnes 1 Dec 03, 2021
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE

CVE-2021-22005 - VMWare vCenter Server File Upload to RCE Analyze Usage ------------------------------------------------------------- [*] CVE-2021-220

r0cky 224 Aug 05, 2022
Template for new OSINT command-line tools

OSINT cli tool skeleton Template for new OSINT command-line tools. Press button "Use this template" to generate your own tool repository. See INSTALL.

36 Dec 20, 2022
PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github

CVE-2021-26855 PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github Why does github remove this exploit because

The Hacker's Choice 58 Nov 15, 2022
A decompilation of the Nintendo Switch version of Captain Toad: Treasure Tracker

cttt-decomp A decompilation of the Nintendo Switch version of Captain Toad: Trea

shibbs 14 Aug 17, 2022
Log4j exploit catcher, detect Log4Shell exploits and try to get payloads.

log4j_catcher Log4j exploit catcher, detect Log4Shell exploits and try to get payloads. This is a basic python server that listen on a port and logs i

EntropyQueen 17 Dec 20, 2021
neo Tool is great one in binary exploitation topic

neo Tool is great one in binary exploitation topic. instead of doing several missions by many tools and windows, you can now automate this in one tool in one session.. Enjoy it

Hamza Elansari 4 Oct 10, 2022
ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

ProxyLogon For Python3 ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF-GetWebShell) usage: python ProxyLogon.py --host=exchang

112 Dec 01, 2022
Mass Check Vulnerable Log4j CVE-2021-44228

Log4j-CVE-2021-44228 Mass Check Vulnerable Log4j CVE-2021-44228 Introduction Actually I just checked via Vulnerable Application from https://github.co

Justakazh 6 Dec 28, 2022
Unauthenticated Sqlinjection that leads to dump data base but this one impersonated Admin and drops a interactive shell

Unauthenticated Sqlinjection that leads to dump database but this one impersonated Admin and drops a interactive shell

sam 16 Nov 09, 2022
Android Malware Behavior Deleter

Android Malware Behavior Deleter UDcide UDcide is a tool that provides alternative way to deal with Android malware. We help you to detect and remove

27 Sep 23, 2022
Separate handling of protected media in Django, with X-Sendfile support

Django Protected Media Django Protected Media is a Django app that manages media that are considered sensitive in a protected fashion. Not only does t

Cobus Carstens 46 Nov 12, 2022