nutthanonn
Follow
Lists (15)
Stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Streamlit — A faster way to build and share data apps.
🥧 HTTPie CLI — modern, user-friendly command-line HTTP client for the API era. JSON support, colors, sessions, downloads, plugins & more.
Automatic SQL injection and database takeover tool
Free and Open Source Enterprise Resource Planning (ERP)
Fast and flexible image augmentation library. Paper about the library: https://www.mdpi.com/2078-2489/11/2/125
Scapy: the Python-based interactive packet manipulation program & library.
holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
The recursive internet scanner for hackers. 🧡
RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Top disclosed reports from HackerOne
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
A DNS meta-query spider that enumerates DNS records, and subdomains.
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
A Proof-Of-Concept for the CVE-2021-44228 vulnerability.
BloodyAD is an Active Directory Privilege Escalation Framework