dref by mwrlabs

DNS Rebinding Exploitation Framework

created at June 26, 2018, 10:09 a.m.

JavaScript

25 +0

481 +0

71 +0

GitHub
dns-rebind-toolkit by brannondorsey

A front-end JavaScript toolkit for creating DNS rebinding attacks.

created at June 19, 2018, 2:06 a.m.

JavaScript

24 +0

485 +0

93 +0

GitHub
JShell by UltimateHackers

JShell - Get a JavaScript shell with XSS.

created at Feb. 26, 2018, 1:40 p.m.

Python

24 +0

511 +2

137 +0

GitHub
bXSS by LewisArdern

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

created at Dec. 13, 2017, 11:49 p.m.

JavaScript

14 +0

518 +5

64 +0

GitHub
open-redirect-payload-list by payloadbox

🎯 Open Redirect Payload List

created at Aug. 15, 2019, 3:29 p.m.

Unknown languages

18 +0

532 +4

185 +2

GitHub
mutual-tls-ssl by Hakky54

🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC, WebSocket and ElasticSearch examples are included

created at Nov. 11, 2018, 7:07 p.m.

Java

19 +0

571 +5

121 +0

GitHub
dtd-finder by GoSecure

List DTDs and generate XXE payloads using those local DTDs.

created at July 15, 2019, 8:13 p.m.

Kotlin

14 +0

610 +2

106 +0

GitHub
a2sv by hahwul

Auto Scanning to SSL Vulnerability

created at Jan. 25, 2016, 7:15 a.m.

Python

46 +0

627 +1

169 +0

GitHub
whonow by brannondorsey

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

created at April 1, 2018, 12:11 a.m.

JavaScript

22 +0

627 +1

88 +0

GitHub
repo-supervisor by auth0

Scan your code for security misconfiguration, search for passwords and secrets. mag

created at Feb. 21, 2017, 8:06 p.m.

JavaScript

33 +0

637 +0

88 +0

GitHub
uxss-db by Metnew

🔪Browser logic vulnerabilities :skull_and_crossbones:

created at Oct. 27, 2017, 5:32 p.m.

HTML

35 +0

688 +0

90 +0

GitHub
raven by 0x09AL

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.

created at Aug. 22, 2017, 3:41 p.m.

Go

39 +0

778 +1

163 +0

GitHub
certificate-transparency by google

Auditing for TLS certificates.

created at May 20, 2014, 5:03 p.m.

C++

102 +0

869 +0

283 +0

GitHub
singularity by nccgroup

A DNS rebinding attack framework.

created at June 5, 2018, 9:04 p.m.

JavaScript

33 +0

1,036 +3

138 +0

GitHub
xxe-injection-payload-list by payloadbox

🎯 XML External Entity (XXE) Injection Payload List

created at Nov. 19, 2019, 5:04 a.m.

Unknown languages

23 +0

1,096 +5

299 +1

GitHub
XSRFProbe by theInfectedDrake

The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

created at Aug. 21, 2018, 5:49 a.m.

Python

37 +0

1,108 +1

207 -1

GitHub
aws_pwn by dagrz

A collection of AWS penetration testing junk

created at Oct. 18, 2016, 3:14 a.m.

Python

52 +0

1,173 +0

194 +0

GitHub
notes by ChALkeR

Some public notes

created at Oct. 17, 2015, 11:02 p.m.

Unknown languages

92 +0

1,268 +1

77 +0

GitHub
acra by cossacklabs

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.

created at Nov. 14, 2016, 4:23 p.m.

Go

42 +0

1,357 +2

128 +0

GitHub
iaito by hteso

This project has been moved to:

created at March 28, 2017, 5:27 p.m.

C++

82 +0

1,463 +0

117 +1

GitHub