Stars
A tool for Workspace administrators to review their security posture and inventory the admin SDK.
AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
A database of PHP security advisories
A PHP dependency vulnerabilities scanner based on the Security Advisories Database.
A tool to find security vulnerabilities in Xamarin.Android apps.
A mostly-serverless distributed hash cracking platform
A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
Search and download dictionaries for testing, bruteforcing, fuzzing and exploit-development.
Some files for bruteforcing certain things.
Pillage web accessible GIT, HG and BZR repositories
CVE-2018-8021 Proof-Of-Concept and Exploit
Security aspects of AWS products for the Security Specialist certification
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
Deserialization payload generator for a variety of .NET formatters
Free and Open Source Reverse Engineering Platform powered by rizin
A byte code analyzer for finding deserialization gadget chains in Java applications
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.