whonow by brannondorsey

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

created at April 1, 2018, 12:11 a.m.

22 +0

615 +3

102 +0

snallygaster by hannob

Tool to scan for secret files on HTTP servers

created at April 10, 2018, 12:01 p.m.

75 +0

2,031 +3

229 -2

xss-payload-list by payloadbox

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

created at April 23, 2018, 6:09 a.m.

138 +0

5,789 +21

1,594 +2

Raccoon by evyatarmeged

A high performance offensive security tool for reconnaissance and vulnerability scanning

created at May 13, 2018, 5:05 p.m.

109 +0

3,024 +3

393 +1

nano by UltimateHackers

Nano is a family of PHP web shells which are code golfed for stealth.

created at May 25, 2018, 3:17 p.m.

32 +0

429 +0

95 +0

singularity by nccgroup

A DNS rebinding attack framework.

created at June 5, 2018, 9:04 p.m.

32 +0

992 +2

136 +1

TIDoS-Framework by theInfectedDrake

The Offensive Manual Web Application Penetration Testing Framework.

created at June 8, 2018, 7:05 a.m.

125 +0

1,746 +1

388 +0

dns-rebind-toolkit by brannondorsey

A front-end JavaScript toolkit for creating DNS rebinding attacks.

created at June 19, 2018, 2:06 a.m.

24 +0

481 +0

93 +0

dref by mwrlabs

DNS Rebinding Exploitation Framework

created at June 26, 2018, 10:09 a.m.

25 +0

481 +0

71 +0

social_mapper by Greenwolf

A Social Media Enumeration & Correlation Tool by Jacob Wilkin(Greenwolf)

created at July 7, 2018, 2:50 p.m.

227 +0

3,710 +5

784 -1

cloudgoat by RhinoSecurityLabs

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

created at July 17, 2018, 12:21 a.m.

72 +1

2,793 +10

583 +1

XSRFProbe by theInfectedDrake

The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

created at Aug. 21, 2018, 5:49 a.m.

37 +0

1,015 +2

190 +1

command-injection-payload-list by payloadbox

🎯 Command Injection Payload List

created at Nov. 3, 2018, 6:35 p.m.

72 +0

2,719 +12

599 +1

mutual-tls-ssl by Hakky54

🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC, WebSocket and ElasticSearch examples are included

created at Nov. 11, 2018, 7:07 p.m.

19 +0

545 +0

121 +0

slurp by hehnope

this can't keep happening

created at April 7, 2019, 12:30 a.m.

1 +0

2 +0

0 +0

ctftool by taviso

Interactive CTF Exploration Tool

created at June 7, 2019, 3:39 a.m.

60 +0

1,632 +0

274 -1

dtd-finder by GoSecure

List DTDs and generate XXE payloads using those local DTDs.

created at July 15, 2019, 8:13 p.m.

14 +0

587 +1

104 +0

open-redirect-payload-list by payloadbox

🎯 Open Redirect Payload List

created at Aug. 15, 2019, 3:29 p.m.

19 +0

498 +0

175 +0

cefdebug by taviso

Minimal code to connect to a CEF debugger.

created at Oct. 3, 2019, 2:09 p.m.

7 +0

191 +0

19 +0

sql-injection-payload-list by payloadbox

🎯 SQL Injection Payload List

created at Oct. 30, 2019, 5:03 a.m.

91 +0

4,470 +20

1,096 +4