-
-
GAP-Burp-Extension Public
Forked from xnl-h4ck3r/GAP-Burp-ExtensionBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist
Python UpdatedJun 13, 2025 -
Web-Cache-Vulnerability-Scanner Public
Forked from Hackmanit/Web-Cache-Vulnerability-ScannerWeb Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
-
knary Public
Forked from sudosammy/knaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark & Pushover support
-
huebrchallenge01 Public
This is my first web challenge called "HueBR Challenge 01".
-
hsecscan Public
A security scanner for HTTP response headers.
-
unfurl Public
Forked from tomnomnom/unfurlPull out bits of URLs provided on stdin
-
SmuggleTP Public
A straightforward tool for exploiting SMTP Smuggling vulnerabilities.
-
SecLists Public
Forked from danielmiessler/SecListsSecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
PHP MIT License UpdatedApr 30, 2024 -
waymore Public
Forked from xnl-h4ck3r/waymoreFind way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!
-
poc_salesforce_lightning Public
Forked from moniik/poc_salesforce_lightningAcademic purposes only. Attack against Salesforce lightning with guest privilege.
Python GNU Affero General Public License v3.0 UpdatedFeb 11, 2024 -
-
bc2telegram Public
Simple script to report Burp Collaborator interactions to Telegram bot chat
-
feroxbuster Public
Forked from epi052/feroxbusterA fast, simple, recursive content discovery tool written in Rust.
Rust MIT License UpdatedApr 27, 2023 -
notify Public
Forked from projectdiscovery/notifyNotify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.
Go MIT License UpdatedMar 9, 2023 -
evilginx2 Public
Forked from kgretzky/evilginx2Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
-
DesyncCL0 Public
A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.
-
h2rs Public
Detects request smuggling via HTTP/2 downgrades.
-
h2csmuggler-proxy Public
This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.
-
h2csmuggler Public
Forked from BishopFox/h2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
-
-
smuggler Public
Forked from defparam/smugglerSmuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
-
dnsobserver Public
Forked from allyomalley/dnsobserverA handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications…
-
www-projectchapter-example Public template
Forked from OWASP/www-projectchapter-exampleUpdatedFeb 4, 2020 -
www-project-mobile-security-testing-guide Public
Forked from OWASP/www-project-mobile-app-securityOWASP Foundation Web Respository
Ruby UpdatedFeb 1, 2020 -
www-project-secure-headers Public
Forked from OWASP/www-project-secure-headersOWASP Foundation Web Respository
Ruby UpdatedDec 28, 2019 -
pocsuite3 Public
Forked from knownsec/pocsuite3pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Python Other UpdatedApr 9, 2019 -
Findsploit Public
Forked from 1N3/FindsploitFind exploits in local and online databases instantly
-
xorbreak Public
Forked from augusto-ludtke/xorbreakA Python script to break messages encrypted with simple XOR .
Python UpdatedMay 3, 2017 -
pubkey-pin-android Public
Just another example for Android Public Key Pinning (based on OWASP example)
{{ message }}