tplmap by epinna

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

created at July 6, 2016, 8:33 p.m.

84 +0

3,653 +6

660 +0

js-vuln-db by tunz

A collection of JavaScript engine CVEs with PoCs

created at Aug. 6, 2016, 1:02 a.m.

185 +0

2,266 +2

406 +1

prowler by prowler-cloud

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

created at Aug. 24, 2016, 3:12 p.m.

117 +0

9,734 +42

1,411 +3

bug-bounty-reference by ngalongc

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

created at Sept. 1, 2016, 12:53 p.m.

243 +1

3,617 +1

978 +1

aws_pwn by dagrz

A collection of AWS penetration testing junk

created at Oct. 18, 2016, 3:14 a.m.

51 +0

1,124 +1

187 +0

acra by cossacklabs

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.

created at Nov. 14, 2016, 4:23 p.m.

40 +0

1,305 +3

127 +0

CyberChef by gchq

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

created at Nov. 28, 2016, 10:34 a.m.

376 +0

26,012 +60

2,992 +7

GSDF by We5ter

A domain searcher named GoogleSSLdomainFinder - 基于谷歌SSL透明证书的子域名查询工具

created at Dec. 19, 2016, 4:58 p.m.

7 +0

174 +0

57 +0

awesome-cve-poc by qazbnm456

✍️ A curated list of CVE PoCs.

created at Feb. 2, 2017, 6:43 a.m.

322 +0

3,249 +0

719 +1

repo-supervisor by auth0

Scan your code for security misconfiguration, search for passwords and secrets.

created at Feb. 21, 2017, 8:06 p.m.

33 +0

633 +0

101 +0

iaito by hteso

This project has been moved to:

created at March 28, 2017, 5:27 p.m.

82 +0

1,469 +0

131 +0

EQGRP by x0rz

Decrypted content of eqgrp-auction-file.tar.xz

created at April 8, 2017, 2:03 p.m.

397 +0

4,079 +4

2,073 +1

zen-rails-security-checklist by brunofacca

Checklist of security precautions for Ruby on Rails applications.

created at April 10, 2017, 8:36 p.m.

76 +0

1,814 +0

150 +0

LinkFinder by GerbenJavado

A python script that finds endpoints in JavaScript files

created at June 9, 2017, 11:50 a.m.

63 +0

3,499 +7

585 +1

ReconDog by UltimateHackers

Reconnaissance Swiss Army Knife

created at June 12, 2017, 6:19 p.m.

82 +0

1,722 +5

337 +2

xssor2 by evilcos

XSS'OR - Hack with JavaScript.

created at June 25, 2017, 6:32 a.m.

95 +0

2,102 +0

378 +0

XSStrike by UltimateHackers

Most advanced XSS scanner.

created at June 26, 2017, 7:24 a.m.

273 +0

12,809 +25

1,858 +3

xray by evilsocket

XRay is a tool for recon, mapping and OSINT gathering from public networks.

created at July 8, 2017, 8:48 p.m.

79 +0

2,158 +4

295 +1

Webshell-Sniper by WangYihang

Manage your website via terminal

created at July 24, 2017, 9:13 a.m.

21 +0

420 -1

123 +0

domain_analyzer by eldraco

Analyze the security of any domain by finding all the information possible. Made in python.

created at Aug. 8, 2017, 6:52 p.m.

83 +0

1,839 -1

245 +0