Some-PoC-oR-ExP by coffeehb

各种漏洞poc、Exp的收集或编写

updated at May 23, 2024, 1:06 a.m.

156 +0

2,333 +1

969 +0

notes by ChALkeR

Some public notes

updated at May 22, 2024, 6:21 a.m.

92 +0

1,263 +1

77 +0

reverse-shell by lukechilds

Reverse Shell as a Service

updated at May 21, 2024, 9:05 p.m.

33 +0

1,794 +1

229 +0

CSS-Keylogging by maxchehab

Chrome extension and Express server that exploits keylogging abilities of CSS.

updated at May 21, 2024, 6:55 p.m.

97 +0

3,202 +2

431 +0

zen-rails-security-checklist by brunofacca

Checklist of security precautions for Ruby on Rails applications.

updated at May 21, 2024, 5:23 p.m.

76 +0

1,814 -1

150 +0

dvcs-ripper by kost

Rip web accessible (distributed) version control systems: SVN/GIT/HG...

updated at May 21, 2024, 2:43 p.m.

52 +0

1,651 +1

308 +0

bXSS by LewisArdern

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

updated at May 21, 2024, 1:58 p.m.

14 +0

487 +1

64 +0

Astra by flipkart-incubator

Automated Security Testing For REST API's

updated at May 21, 2024, 11:53 a.m.

86 +0

2,435 +1

388 +1

domain_analyzer by eldraco

Analyze the security of any domain by finding all the information possible. Made in python.

updated at May 20, 2024, 11:39 p.m.

83 +0

1,840 +1

245 +0

aws_pwn by dagrz

A collection of AWS penetration testing junk

updated at May 20, 2024, 2:17 p.m.

51 +0

1,123 +1

187 -1

snallygaster by hannob

Tool to scan for secret files on HTTP servers

updated at May 20, 2024, 11:58 a.m.

75 +0

2,025 +1

231 +0

open-redirect-payload-list by payloadbox

🎯 Open Redirect Payload List

updated at May 19, 2024, 7:46 p.m.

19 +0

498 +1

175 +2

GitMiner by UnkL4b

Tool for advanced mining for content on Github

updated at May 19, 2024, 7:59 a.m.

108 +0

2,059 +0

427 +0

js-vuln-db by tunz

A collection of JavaScript engine CVEs with PoCs

updated at May 17, 2024, 3:13 p.m.

185 +0

2,264 +0

405 +0

certificate-transparency by google

Auditing for TLS certificates.

updated at May 17, 2024, 1:20 p.m.

103 +0

866 +0

283 +1

cssInjection by dxa4481

Stealing CSRF tokens with CSS injection (without iFrames)

updated at May 17, 2024, 12:28 p.m.

15 +0

312 +0

53 +0

domato by googleprojectzero

DOM fuzzer

updated at May 16, 2024, 11:12 p.m.

68 +0

1,646 +0

271 -1

uxss-db by Metnew

🔪Browser logic vulnerabilities :skull_and_crossbones:

updated at May 16, 2024, 1:26 a.m.

35 +0

677 +0

97 +0

iaito by hteso

This project has been moved to:

updated at May 15, 2024, 10:55 p.m.

82 +0

1,469 +0

131 +0

raven by 0x09AL

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.

updated at May 15, 2024, 9:44 p.m.

39 +0

767 +0

163 +0