testertester0123456789 Goto Github PK

amass

In-depth Attack Surface Mapping and Asset Discovery

audit_scripts

Scripts to gather system configuration information for offline/remote auditing

awesome-cyber-skills

A curated list of hacking environments where you can train your cyber skills legally and safely

awesome-dynamic-analysis

A curated list of dynamic analysis tools for various programming languages

awesome-fuzzing

A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.

awesome-oscp

A curated list of awesome OSCP resources

awesome-osint

:scream: A curated list of amazingly awesome OSINT

awesome-static-analysis

Static analysis tools for all programming languages

blueflower

a grep -r for secrets

burp-retire-js

Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.

burpxss

Automating LFI/RFI using Burp Proxy Logs and fimap

can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

cheatsheetseries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

checksec.sh

Checksec.sh

command-injection-payload-list

🎯 Command Injection Payload List

conpot

ICS/SCADA honeypot

crlf-injection-payloads

Payloads for CRLF Injection

dawnscanner

Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.

deepfacelab

DeepFaceLab is a tool that utilizes machine learning to replace faces in videos. Includes prebuilt ready to work standalone Windows 7,8,10 binary (look readme.md).

dependencycheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

droopescan

A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.

easyxsspayload

XssPayload List . Usage:

eslint-plugin-security

ESLint rules for Node Security

evilfoca

Tool to analyze and test security in IPv4 and IPv6 data networks

exploit-suggester

This tool reads the output of “showrev -p” on Solaris machines and outputs a list of exploits that you might want to try. It currently focusses on local exploitation of Solaris 8 on SPARC, but other version of Solaris are partially supported.

fimap

fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.

foca

Tool to find metadata and hidden information in the documents.

frida

Clone this repo to build Frida

fuxploider

File upload vulnerability scanner and exploitation tool.

fwefw