A script that inspects multi-byte character sets looking for characters with specific user-defined properties
updated at March 22, 2023, 1:45 a.m.
Parse NTLM challenge messages over HTTP and SMB
updated at Jan. 4, 2024, 4:39 p.m.
vulnerable web application for training
updated at April 4, 2024, 8:38 a.m.
Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js
updated at April 5, 2024, 2:38 p.m.
List DTDs and generate XXE payloads using those local DTDs.
updated at April 18, 2024, 6:06 p.m.
Stealing CSRF tokens with CSS injection (without iFrames)
updated at April 27, 2024, 8:50 a.m.
Auditing for TLS certificates.
updated at April 29, 2024, 6:54 p.m.
Pillage web accessible GIT, HG and BZR repositories
updated at April 30, 2024, 6:13 p.m.
A front-end JavaScript toolkit for creating DNS rebinding attacks.
updated at April 30, 2024, 6:13 p.m.