EyeWitness by ChrisTruncer

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

created at Feb. 26, 2014, 4:23 p.m.

Unknown languages

0 +0

18 +1

0 +0

GitHub
awesome-ctf-cheatsheet by uppusaikiran

CTF Cheatsheet

created at Feb. 11, 2020, 5:14 p.m.

Unknown languages

1 +0

50 +1

4 +0

GitHub
slurp by hehnope

this can't keep happening

created at April 7, 2019, 12:30 a.m.

Unknown languages

1 +0

2 +0

0 +0

GitHub
charsetinspect by hack-all-the-things

A script that inspects multi-byte character sets looking for characters with specific user-defined properties

created at June 23, 2016, 3:09 p.m.

Python

3 +0

26 +0

7 +0

GitHub
ntlm_challenger by b17zr

Parse NTLM challenge messages over HTTP and SMB

created at Nov. 4, 2019, 10:27 p.m.

Python

4 +0

143 +0

25 +0

GitHub
Dockerfiles by espi0n

None

created at Sept. 26, 2017, 3:54 p.m.

Dockerfile

5 +0

39 +0

3 +0

GitHub
XSS.png by LucaBongiorni

A XSS mind map ;)

created at Jan. 16, 2016, 7:47 a.m.

Unknown languages

5 +0

56 +0

136 +0

GitHub
pwngitmanager by allyshka

Git manager for pentesters

created at Feb. 25, 2016, 6:14 a.m.

Python

6 +0

107 +0

22 +0

GitHub
VWGen by qazbnm456

Vulnerable Web applications Generator

created at April 12, 2016, 4:06 p.m.

Python

7 +0

84 +0

18 +0

GitHub
GSDF by We5ter

A domain searcher named GoogleSSLdomainFinder - 基于谷歌SSL透明证书的子域名查询工具

created at Dec. 19, 2016, 4:58 p.m.

Python

7 +0

175 +0

57 +0

GitHub
cefdebug by taviso

Minimal code to connect to a CEF debugger.

created at Oct. 3, 2019, 2:09 p.m.

C

7 +0

197 +0

19 +0

GitHub
Reverse-Shell-Manager by WangYihang

hammer A multiple reverse shell session/client manager via terminal

created at Oct. 23, 2017, 1:41 a.m.

Python

8 +0

238 +0

66 +0

GitHub
IPObfuscator by OsandaMalith

A simple tool to convert the IP to a DWORD IP

created at April 30, 2016, 11:32 p.m.

C

9 +0

138 +0

46 +0

GitHub
bXSS by LewisArdern

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

created at Dec. 13, 2017, 11:49 p.m.

JavaScript

14 +0

518 +5

64 +0

GitHub
dtd-finder by GoSecure

List DTDs and generate XXE payloads using those local DTDs.

created at July 15, 2019, 8:13 p.m.

Kotlin

14 +0

610 +2

106 +0

GitHub
cssInjection by dxa4481

Stealing CSRF tokens with CSS injection (without iFrames)

created at Feb. 4, 2018, 4:09 a.m.

HTML

15 +0

318 +0

48 +0

GitHub
DVCS-Pillage by evilpacket

Pillage web accessible GIT, HG and BZR repositories

created at June 18, 2011, 8:04 p.m.

Shell

16 +0

314 +0

60 +0

GitHub
open-redirect-payload-list by payloadbox

🎯 Open Redirect Payload List

created at Aug. 15, 2019, 3:29 p.m.

Unknown languages

18 +0

532 +4

185 +2

GitHub
mutual-tls-ssl by Hakky54

🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC, WebSocket and ElasticSearch examples are included

created at Nov. 11, 2018, 7:07 p.m.

Java

19 +0

571 +5

121 +0

GitHub
BadLibrary by SecureSkyTechnology

vulnerable web application for training

created at Dec. 13, 2017, 6:43 a.m.

JavaScript

19 +0

58 +0

7 +0

GitHub