Skip to content
View jhaddix's full-sized avatar
10.2k followers · 2 following

Sponsoring

@gwen001

Achievements

Achievement: Public SponsorAchievement: Arctic Code Vault ContributorAchievement: Pull SharkAchievement: Starstruckx3

Achievements

Achievement: Public SponsorAchievement: Arctic Code Vault ContributorAchievement: Pull SharkAchievement: Starstruckx3

Highlights

  • Pro

Block or report jhaddix

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
jhaddix/README.md

πŸ’« About Me:

Welcome!

I'm Jason Haddix, a red teamer, bug bounty hunter, and security leader.

My GitHub usually contains useful projects for offensive security practitioners!

🌐 Socials:

Discord Twitter

πŸ’» Tech Stack:

Go Markdown PowerShell Python Shell Script Windows Terminal AWS Azure DigitalOcean Google Cloud Apache Nginx Docker

πŸ“Š GitHub Stats:



πŸ† GitHub Trophies

✍️ Random Dev Quote

πŸ” Top Contributed Repo

Pinned Loading

  1. SecLists SecLists Public

    Forked from danielmiessler/SecLists

    SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strin…

    PHP 134 45

  2. HUNT HUNT Public

    Forked from bugcrowd/HUNT

    Python 77 33

  3. tbhm tbhm Public

    The Bug Hunters Methodology

    3.9k 796

  4. all wordlists from every dns enumera... all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
    1 
    
              
    
              
    
                2
                
    .
    
              
    
              
    
                3
                
    ..
    
              
    
              
    
                4
                
    ........
    
              
    
              
    
                5
                
    @
    
              
    
          
    
    
    
  
    

    5. 

      

  5. 
  
    
    
    
      
    
        
        
          Cloud Metadata Dictionary useful for...
Cloud Metadata Dictionary useful for SSRF Testing       
    

          
    
              
    
                1
                
    ## AWS
    
              
    
              
    
                2
                
    # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
    
              
    
              
    
                3
                
    
              
    
              
    
                4
                
    http://169.254.169.254/latest/user-data
    
              
    
              
    
                5
                
    http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
    
              
    
          
    
    
    
  
    

    6. 

      

  6. 
  
    
    
    
      
    
        
        
          a masterlist of content discovery UR...
a masterlist of content discovery URLs and files (used most commonly with gobuster)      
    

          
    
              
    
                1
                
    `
    
              
    
              
    
                2
                
    ~/
    
              
    
              
    
                3
                
    ~
    
              
    
              
    
                4
                
    ×ℒם
    
              
    
              
    
                5
                
       
    
              
    
          
    
    
    
  
    

    7.