Infosec_Reference by rmusser01

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

created at Sept. 13, 2014, 12:08 a.m.

267 +0

5,363 +6

1,180 +1

js-xss by leizongmin

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

created at Sept. 18, 2012, 2:05 p.m.

117 +0

5,102 +6

630 +0

EyeWitness by RedSiege

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

created at Feb. 26, 2014, 4:23 p.m.

148 +0

4,703 +3

819 +1

AwesomeXSS by UltimateHackers

Awesome XSS stuff

created at March 11, 2018, 2:35 p.m.

240 -1

4,641 -2

758 +2

awesome-bug-bounty by djadmin

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

created at Feb. 13, 2016, 11 p.m.

289 -1

4,381 +8

898 +1

commix by commixproject

Automated All-in-One OS Command Injection Exploitation Tool.

created at March 20, 2015, 8:38 a.m.

161 +0

4,335 +10

797 -2

sql-injection-payload-list by payloadbox

🎯 SQL Injection Payload List

created at Oct. 30, 2019, 5:03 a.m.

89 +0

4,324 +22

1,069 +5

EQGRP by x0rz

Decrypted content of eqgrp-auction-file.tar.xz

created at April 8, 2017, 2:03 p.m.

397 +0

4,070 +1

2,067 +3

social_mapper by Greenwolf

A Social Media Enumeration & Correlation Tool by Jacob Wilkin(Greenwolf)

created at July 7, 2018, 2:50 p.m.

227 -1

3,684 +1

787 +0

tplmap by epinna

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

created at July 6, 2016, 8:33 p.m.

86 +0

3,630 +11

662 +2

bug-bounty-reference by ngalongc

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

created at Sept. 1, 2016, 12:53 p.m.

243 +0

3,607 -2

978 +0

retire.js by RetireJS

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

created at Aug. 30, 2013, 9:43 p.m.

87 +0

3,517 +10

412 +0

LinkFinder by GerbenJavado

A python script that finds endpoints in JavaScript files

created at June 9, 2017, 11:50 a.m.

63 +0

3,463 +14

577 +0

subDomainsBrute by lijiejie

A fast sub domain brute tool for pentesters

created at April 1, 2015, 7:22 a.m.

116 +0

3,378 +7

1,009 +0

awesome-cve-poc by qazbnm456

✍️ A curated list of CVE PoCs.

created at Feb. 2, 2017, 6:43 a.m.

322 +0

3,229 +2

717 +0

CSS-Keylogging by maxchehab

Chrome extension and Express server that exploits keylogging abilities of CSS.

created at Feb. 20, 2018, 6:19 p.m.

97 +0

3,196 +0

431 +2

weevely3 by epinna

Weaponized web shell

created at Sept. 20, 2014, 10:16 a.m.

131 +0

3,070 +9

596 +1

plasma by plasma-disassembler

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

created at March 9, 2015, 9:16 p.m.

149 +0

3,041 +1

278 +0

Raccoon by evyatarmeged

A high performance offensive security tool for reconnaissance and vulnerability scanning

created at May 13, 2018, 5:05 p.m.

109 +0

3,005 +5

388 +1

H5SC by cure53

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

created at March 28, 2014, 8:42 a.m.

154 +0

2,818 -1

418 +0