domato by googleprojectzero

DOM fuzzer

created at Sept. 21, 2017, 3:28 p.m.

67 +0

1,695 +9

278 +0

reverse-shell by lukechilds

Reverse Shell as a Service

created at Sept. 13, 2017, 11:38 a.m.

31 +0

1,852 +0

234 +0

raven by 0x09AL

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.

created at Aug. 22, 2017, 3:41 p.m.

39 +0

778 +1

163 +0

openrasp by baidu

🔥Open source RASP solution

created at Aug. 10, 2017, 11:09 a.m.

109 +0

2,793 +2

601 -1

domain_analyzer by eldraco

Analyze the security of any domain by finding all the information possible. Made in python.

created at Aug. 8, 2017, 6:52 p.m.

83 +0

1,844 +1

240 +0

Webshell-Sniper by WangYihang

Manage your website via terminal

created at July 24, 2017, 9:13 a.m.

21 +0

420 +0

114 +0

xray by evilsocket

XRay is a tool for recon, mapping and OSINT gathering from public networks.

created at July 8, 2017, 8:48 p.m.

80 +0

2,206 +2

299 +0

XSStrike by UltimateHackers

Most advanced XSS scanner.

created at June 26, 2017, 7:24 a.m.

274 +0

13,376 +28

1,906 +3

xssor2 by evilcos

XSS'OR - Hack with JavaScript.

created at June 25, 2017, 6:32 a.m.

94 +0

2,129 +0

381 +0

ReconDog by UltimateHackers

Reconnaissance Swiss Army Knife

created at June 12, 2017, 6:19 p.m.

83 +0

1,814 +5

340 +0

LinkFinder by GerbenJavado

A python script that finds endpoints in JavaScript files

created at June 9, 2017, 11:50 a.m.

66 +0

3,723 +6

597 +0

zen-rails-security-checklist by brunofacca

Checklist of security precautions for Ruby on Rails applications.

created at April 10, 2017, 8:36 p.m.

76 +0

1,814 +1

150 +0

EQGRP by x0rz

Decrypted content of eqgrp-auction-file.tar.xz

created at April 8, 2017, 2:03 p.m.

397 +0

4,099 +1

2,070 -3

iaito by hteso

This project has been moved to:

created at March 28, 2017, 5:27 p.m.

82 +0

1,463 +0

117 +1

repo-supervisor by auth0

Scan your code for security misconfiguration, search for passwords and secrets.

created at Feb. 21, 2017, 8:06 p.m.

33 +0

637 +0

88 +0

awesome-cve-poc by qazbnm456

✍️ A curated list of CVE PoCs.

created at Feb. 2, 2017, 6:43 a.m.

323 +0

3,324 +2

721 +0

GSDF by We5ter

A domain searcher named GoogleSSLdomainFinder - 基于谷歌SSL透明证书的子域名查询工具

created at Dec. 19, 2016, 4:58 p.m.

7 +0

175 +0

57 +0

CyberChef by gchq

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

created at Nov. 28, 2016, 10:34 a.m.

390 +0

29,267 +96

3,280 +13

acra by cossacklabs

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.

created at Nov. 14, 2016, 4:23 p.m.

42 +0

1,357 +2

128 +0

aws_pwn by dagrz

A collection of AWS penetration testing junk

created at Oct. 18, 2016, 3:14 a.m.

52 +0

1,173 +0

194 +0