Starred repositories
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Deriving RSA public keys from message-signature pairs
World's fastest and most advanced password recovery utility
A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.
Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
karma v2 is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
JavaScript security analysis (JSA) is a program for JavaScript analysis during web application security assessment.
Repo containing walkthroughs to possibly pwn Admin Panels and Exposed Consoles
Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!
Small, fast tool for performing reverse DNS lookups en masse.
Fast passive subdomain enumeration tool.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
A natural language interface for computers
🔥LeetCode solutions in any programming language | Solutions in multiple programming languages for LeetCode, "剑指 Offer (2nd Edition)" and "Cracking the Coding Interview (6th Edition)"
Platform-Agnostic Security Tokens implementation in GO (Golang)
Backend master class: build a simple bank service in Go