openrasp by baidu

🔥Open source RASP solution

created at Aug. 10, 2017, 11:09 a.m.

109 +0

2,793 +2

601 -1

H5SC by cure53

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

created at March 28, 2014, 8:42 a.m.

153 +0

2,857 +3

420 +0

fuzz.txt by Bo0oM

Potentially dangerous files

created at Jan. 19, 2016, 1:35 p.m.

86 +0

2,885 +2

488 +1

cloudgoat by RhinoSecurityLabs

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

created at July 17, 2018, 12:21 a.m.

74 +0

2,974 +3

622 +3

FOCA by ElevenPaths

Tool to find metadata and hidden information in the documents.

created at Oct. 2, 2017, 5:05 p.m.

143 +0

2,979 +9

552 +1

command-injection-payload-list by payloadbox

🎯 Command Injection Payload List

created at Nov. 3, 2018, 6:35 p.m.

73 +0

3,004 +16

641 +3

plasma by plasma-disassembler

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

created at March 9, 2015, 9:16 p.m.

149 +0

3,047 +0

277 +0

Raccoon by evyatarmeged

A high performance offensive security tool for reconnaissance and vulnerability scanning

created at May 13, 2018, 5:05 p.m.

108 +0

3,090 +2

400 +0

weevely3 by epinna

Weaponized web shell

created at Sept. 20, 2014, 10:16 a.m.

132 +1

3,200 +10

605 +2

CSS-Keylogging by maxchehab

Chrome extension and Express server that exploits keylogging abilities of CSS.

created at Feb. 20, 2018, 6:19 p.m.

97 +0

3,216 +1

432 +0

awesome-cve-poc by qazbnm456

✍️ A curated list of CVE PoCs.

created at Feb. 2, 2017, 6:43 a.m.

323 +0

3,324 +2

721 +0

subDomainsBrute by lijiejie

A fast sub domain brute tool for pentesters

created at April 1, 2015, 7:22 a.m.

116 +0

3,488 +2

1,010 +0

retire.js by RetireJS

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

created at Aug. 30, 2013, 9:43 p.m.

83 -1

3,692 +6

417 +0

LinkFinder by GerbenJavado

A python script that finds endpoints in JavaScript files

created at June 9, 2017, 11:50 a.m.

66 +0

3,723 +6

597 +0

bug-bounty-reference by ngalongc

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

created at Sept. 1, 2016, 12:53 p.m.

239 +0

3,754 +4

988 -1

tplmap by epinna

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

created at July 6, 2016, 8:33 p.m.

83 +1

3,794 +9

671 +1

social_mapper by Greenwolf

A Social Media Enumeration & Correlation Tool by Jacob Wilkin(Greenwolf)

created at July 7, 2018, 2:50 p.m.

225 +0

3,808 +2

788 +0

EQGRP by x0rz

Decrypted content of eqgrp-auction-file.tar.xz

created at April 8, 2017, 2:03 p.m.

397 +0

4,099 +1

2,070 -3

commix by commixproject

Automated All-in-One OS Command Injection Exploitation Tool.

created at March 20, 2015, 8:38 a.m.

158 +0

4,611 +13

818 +2

awesome-bug-bounty by djadmin

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

created at Feb. 13, 2016, 11 p.m.

297 +0

4,662 +16

918 +0