Highlights
- Pro
Stars
This is a "skill" for claude to use FFUF.
Disclosures of bugs and vulnerabilities reported by Hacktron.
Cybersecurity AI (CAI), the framework for AI Security
AI-powered assistant that integrates seamlessly with Caido
403Bypasser is a simple plugin that lets you bypass 403 status code by transforming HTTP requests with custom templates.
Real-Time JavaScript reverse engineering and debugging suite - Burp Suite, but for JavaScript
A cross-platform tool to find traces of old SIDs remaining in LDAP objects of the Active Directory
A fast application to create and manage dynamic content and routes with an administration panel and a secure API
This repository is a one-stop shop for diving deep into the fascinating world of mXSS (mutations caused by browser quirks in HTML parsing). providing a curated list of examples that showcase unexpe…
A cross platform library to write offensive and defensive security tools in Go
Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.
Replaces every class in a JAR file with a malicious one
Tool for finding URLs, paths, secrets and generating raw HTTP requests and OpenApi specifications from config files and annotations used in JAR / WAR / APK applications.
Easily create and share Proof of Concepts in HTML, JavaScript, etc. with custom headers, all via query parameters
Some tips for Bug Bounty using LibreOffice
Extract GraphQL operations from javascript
Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.
A web based OSINT ressource and tool
📦 A GitHub Action that performs a security scan of your GitHub Actions.
A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.
This Chromium extension scans the page for external iFrames, Scripts, and Styles, logs them to the console, and checks if their domains are resolvable.
A collection of scripts for assessing Microsoft Azure security
Ruby-SAML / GitLab Authentication Bypass (CVE-2024-45409) exploit
CSPBypass.com, a tool designed to help ethical hackers bypass restrictive Content Security Policies (CSP) and exploit XSS (Cross-Site Scripting) vulnerabilities on sites where injections are blocke…
The recursive internet scanner for hackers. 🧡