domato by googleprojectzero

DOM fuzzer

created at Sept. 21, 2017, 3:28 p.m.

68 +0

1,643 +1

273 +0

reverse-shell by lukechilds

Reverse Shell as a Service

created at Sept. 13, 2017, 11:38 a.m.

33 +0

1,789 +2

230 -1

raven by 0x09AL

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.

created at Aug. 22, 2017, 3:41 p.m.

39 +0

767 -1

162 +0

openrasp by baidu

🔥Open source RASP solution

created at Aug. 10, 2017, 11:09 a.m.

108 +0

2,700 +5

586 +0

domain_analyzer by eldraco

Analyze the security of any domain by finding all the information possible. Made in python.

created at Aug. 8, 2017, 6:52 p.m.

83 +0

1,837 +1

245 +0

Webshell-Sniper by WangYihang

Manage your website via terminal

created at July 24, 2017, 9:13 a.m.

21 +0

421 +1

123 +0

xray by evilsocket

XRay is a tool for recon, mapping and OSINT gathering from public networks.

created at July 8, 2017, 8:48 p.m.

79 +0

2,143 +0

293 -1

XSStrike by UltimateHackers

Most advanced XSS scanner.

created at June 26, 2017, 7:24 a.m.

274 +0

12,743 +15

1,847 +2

xssor2 by evilcos

XSS'OR - Hack with JavaScript.

created at June 25, 2017, 6:32 a.m.

95 +0

2,098 +2

378 +0

ReconDog by UltimateHackers

Reconnaissance Swiss Army Knife

created at June 12, 2017, 6:19 p.m.

82 +0

1,710 +3

335 +0

LinkFinder by GerbenJavado

A python script that finds endpoints in JavaScript files

created at June 9, 2017, 11:50 a.m.

64 +1

3,470 +3

581 +2

zen-rails-security-checklist by brunofacca

Checklist of security precautions for Ruby on Rails applications.

created at April 10, 2017, 8:36 p.m.

76 +0

1,815 +0

150 +0

EQGRP by x0rz

Decrypted content of eqgrp-auction-file.tar.xz

created at April 8, 2017, 2:03 p.m.

397 +0

4,072 +2

2,071 +4

iaito by hteso

This project has been moved to:

created at March 28, 2017, 5:27 p.m.

82 +0

1,470 +0

131 +0

repo-supervisor by auth0

Scan your code for security misconfiguration, search for passwords and secrets.

created at Feb. 21, 2017, 8:06 p.m.

33 +0

633 +0

101 +0

awesome-cve-poc by qazbnm456

✍️ A curated list of CVE PoCs.

created at Feb. 2, 2017, 6:43 a.m.

322 +0

3,237 +4

718 +1

GSDF by We5ter

A domain searcher named GoogleSSLdomainFinder - 基于谷歌SSL透明证书的子域名查询工具

created at Dec. 19, 2016, 4:58 p.m.

7 +0

174 +0

57 +0

CyberChef by gchq

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

created at Nov. 28, 2016, 10:34 a.m.

376 -4

25,763 +74

2,967 +2

acra by cossacklabs

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.

created at Nov. 14, 2016, 4:23 p.m.

40 +0

1,298 +1

127 +1

aws_pwn by dagrz

A collection of AWS penetration testing junk

created at Oct. 18, 2016, 3:14 a.m.

52 +0

1,122 -1

188 +0