charsetinspect by hack-all-the-things

A script that inspects multi-byte character sets looking for characters with specific user-defined properties

updated at March 22, 2023, 1:45 a.m.

3 +0

25 +0

7 +0

slurp by hehnope

this can't keep happening

updated at Nov. 22, 2023, 4:02 a.m.

1 +0

2 +0

0 +0

pwngitmanager by allyshka

Git manager for pentesters

updated at Nov. 23, 2023, 1 p.m.

6 +0

106 +0

22 +0

ntlm_challenger by b17zr

Parse NTLM challenge messages over HTTP and SMB

updated at Jan. 4, 2024, 4:39 p.m.

4 +0

141 +0

25 +0

IPObfuscator by OsandaMalith

A simple tool to convert the IP to a DWORD IP

updated at Feb. 18, 2024, 2:17 p.m.

9 +0

134 +0

46 +0

XSS.png by LucaBongiorni

A XSS mind map ;)

updated at Feb. 25, 2024, 5:55 p.m.

5 +0

57 +0

143 +0

VWGen by qazbnm456

Vulnerable Web applications Generator

updated at Feb. 26, 2024, 1:08 a.m.

7 +0

84 +0

18 +0

dns-rebind-toolkit by brannondorsey

A front-end JavaScript toolkit for creating DNS rebinding attacks.

updated at March 12, 2024, 1:06 p.m.

24 +0

482 +0

93 +0

raven by 0x09AL

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.

updated at March 14, 2024, 10:35 p.m.

39 +0

769 +0

176 +0

DVCS-Pillage by evilpacket

Pillage web accessible GIT, HG and BZR repositories

updated at March 15, 2024, 1:29 a.m.

16 +0

314 +0

63 +0

JoomlaScan by drego85

A free software to find the components installed in Joomla CMS, built out of the ashes of Joomscan.

updated at March 18, 2024, 3:27 p.m.

20 +0

198 +0

67 +0

Webshell-Sniper by WangYihang

Manage your website via terminal

updated at March 27, 2024, 6:21 a.m.

21 +0

420 +0

123 +0

mutual-tls-ssl by Hakky54

🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC, WebSocket and ElasticSearch examples are included

updated at April 2, 2024, 5:40 p.m.

19 +0

540 +0

120 +0

BadLibrary by SecureSkyTechnology

vulnerable web application for training

updated at April 4, 2024, 8:38 a.m.

20 +0

57 +0

7 +0

malware-jail by HynekPetrak

Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js

updated at April 5, 2024, 2:38 p.m.

46 +0

453 +0

99 +1

Reverse-Shell-Manager by WangYihang

A multiple reverse shell session/client manager via terminal

updated at April 8, 2024, 9:04 a.m.

8 +0

234 +0

66 +0

nano by UltimateHackers

Nano is a family of PHP web shells which are code golfed for stealth.

updated at April 9, 2024, 6:23 a.m.

32 +0

428 +0

95 +1

iaito by hteso

This project has been moved to:

updated at April 10, 2024, 8:57 p.m.

82 +0

1,470 +0

131 +0

GSDF by We5ter

A domain searcher named GoogleSSLdomainFinder - 基于谷歌SSL透明证书的子域名查询工具

updated at April 11, 2024, 7 a.m.

7 +0

174 +0

57 +0

repo-supervisor by auth0

Scan your code for security misconfiguration, search for passwords and secrets.

updated at April 13, 2024, 7:20 a.m.

33 +1

634 +0

101 +0