Starred repositories
Firebase client tools for security assessment or penetration testing.
Burp Plugin to Bypass WAFs through the insertion of Junk Data
Cybersecurity Journey - TryHackMe
Brute force attack tool on Mikrotik box credentials exploiting API requests
This is a python wrapper around the amazing KNOXSS API by Brute Logic
A Bash script for automated nuclei dast scanning by using passive urls
Database to store previously found subdomains
A powerful JavaScript monitoring tool for bug bounty hunters. Track changes in JavaScript files across websites, detect new attack surfaces, and stay ahead of security vulnerabilities.
PoC for a full exploitation of NextJS SSRF (CVE-2024-34351)
This tool is an efficient scanner designed to detect Cache Deception vulnerabilities in web servers. It automates the process of testing URLs by using customizable delimiters and extensions, with m…
📡 PoC auto collect from GitHub.
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
🔎 Static code analysis engine to find security issues in code.
Stealth patch for Frida, stealth knowledge collection
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
bookmark for javascript endpoint extractor
Scope gathering tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
Some Useful Tricks for Pentest Android and iOS Apps
A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.
federicodotta / semgrep-rules-android-security
Forked from mindedsecurity/semgrep-rules-android-securityA collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.
Burp plugin able to find reflected XSS on page in real-time while browsing on site
A client library to multiplex connections from and to iOS devices
A tool for adding new lines to files, skipping duplicates