Analyze the security of any domain by finding all the information possible. Made in python.
created at Aug. 8, 2017, 6:52 p.m.
Tool to scan for secret files on HTTP servers
created at April 10, 2018, 12:01 p.m.
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
created at Aug. 21, 2018, 5:49 a.m.
🎯 Open Redirect Payload List
created at Aug. 15, 2019, 3:29 p.m.
Checklist of security precautions for Ruby on Rails applications.
created at April 10, 2017, 8:36 p.m.
JShell - Get a JavaScript shell with XSS.
created at Feb. 26, 2018, 1:40 p.m.
Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.
created at Nov. 14, 2016, 4:23 p.m.
🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC, WebSocket and ElasticSearch examples are included
created at Nov. 11, 2018, 7:07 p.m.
List DTDs and generate XXE payloads using those local DTDs.
created at July 15, 2019, 8:13 p.m.