domato by googleprojectzero

DOM fuzzer

created at Sept. 21, 2017, 3:28 p.m.

68 +0

1,646 +0

271 -1

reverse-shell by lukechilds

Reverse Shell as a Service

created at Sept. 13, 2017, 11:38 a.m.

33 +0

1,794 +1

229 +0

raven by 0x09AL

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.

created at Aug. 22, 2017, 3:41 p.m.

39 +0

767 +0

163 +0

openrasp by baidu

🔥Open source RASP solution

created at Aug. 10, 2017, 11:09 a.m.

108 +0

2,710 +5

589 +1

domain_analyzer by eldraco

Analyze the security of any domain by finding all the information possible. Made in python.

created at Aug. 8, 2017, 6:52 p.m.

83 +0

1,840 +1

245 +0

Webshell-Sniper by WangYihang

Manage your website via terminal

created at July 24, 2017, 9:13 a.m.

21 +0

421 +0

123 +0

xray by evilsocket

XRay is a tool for recon, mapping and OSINT gathering from public networks.

created at July 8, 2017, 8:48 p.m.

79 +0

2,154 +5

294 +0

XSStrike by UltimateHackers

Most advanced XSS scanner.

created at June 26, 2017, 7:24 a.m.

273 +0

12,784 +16

1,855 +5

xssor2 by evilcos

XSS'OR - Hack with JavaScript.

created at June 25, 2017, 6:32 a.m.

95 +0

2,102 -1

378 +0

ReconDog by UltimateHackers

Reconnaissance Swiss Army Knife

created at June 12, 2017, 6:19 p.m.

82 +0

1,717 +2

335 +0

LinkFinder by GerbenJavado

A python script that finds endpoints in JavaScript files

created at June 9, 2017, 11:50 a.m.

63 +0

3,492 +16

584 +3

zen-rails-security-checklist by brunofacca

Checklist of security precautions for Ruby on Rails applications.

created at April 10, 2017, 8:36 p.m.

76 +0

1,814 -1

150 +0

EQGRP by x0rz

Decrypted content of eqgrp-auction-file.tar.xz

created at April 8, 2017, 2:03 p.m.

397 +0

4,075 +3

2,072 +1

iaito by hteso

This project has been moved to:

created at March 28, 2017, 5:27 p.m.

82 +0

1,469 +0

131 +0

repo-supervisor by auth0

Scan your code for security misconfiguration, search for passwords and secrets.

created at Feb. 21, 2017, 8:06 p.m.

33 +0

633 +0

101 +0

awesome-cve-poc by qazbnm456

✍️ A curated list of CVE PoCs.

created at Feb. 2, 2017, 6:43 a.m.

322 +0

3,249 +6

718 +0

GSDF by We5ter

A domain searcher named GoogleSSLdomainFinder - 基于谷歌SSL透明证书的子域名查询工具

created at Dec. 19, 2016, 4:58 p.m.

7 +0

174 +0

57 +0

CyberChef by gchq

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

created at Nov. 28, 2016, 10:34 a.m.

376 -1

25,952 +85

2,985 +5

acra by cossacklabs

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.

created at Nov. 14, 2016, 4:23 p.m.

40 +0

1,302 +1

127 +0

aws_pwn by dagrz

A collection of AWS penetration testing junk

created at Oct. 18, 2016, 3:14 a.m.

51 +0

1,123 +1

187 -1