EdOverflow / proof-of-conceptsView external linksLinks
A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
☆166Nov 6, 2019Updated 6 years ago
Alternatives and similar repositories for proof-of-concepts
Users that are interested in proof-of-concepts are comparing it to the libraries listed below
Sorting:
- An OSINT tool to find contacts in order to report security vulnerabilities.☆268Jan 27, 2020Updated 6 years ago
- Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.☆472Nov 10, 2022Updated 3 years ago
- This document proposes a way of standardising the structure, language, and grammar used in security policies.☆26Jan 29, 2018Updated 8 years ago
- A list of universities with vulnerability disclosure policies☆13Jul 10, 2020Updated 5 years ago
- Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]☆305Oct 14, 2018Updated 7 years ago
- A cheat sheet for pentesters and researchers about vulnerabilities in well-known monitoring systems.☆168Jun 10, 2021Updated 4 years ago
- Some random scripts. Just trying to be like the cool kids.☆101Jul 1, 2018Updated 7 years ago
- A tool to generate media files with malicious metadata☆129Feb 2, 2019Updated 7 years ago
- Extract Juniper firewall usernames and hashes and put into a John the Ripper format for cracking☆13Jul 4, 2014Updated 11 years ago
- BurpSuite dockerized☆11Mar 2, 2018Updated 7 years ago
- Check for know iframeBuster XSS☆12Sep 25, 2024Updated last year
- Guidelines for writing secure code for Python developers.☆22Apr 23, 2017Updated 8 years ago
- A static website template for security pages.☆54Jul 19, 2025Updated 6 months ago
- SSH User Enumeration Script in Python Using The Timing Attack☆94Aug 30, 2016Updated 9 years ago
- Pentest scripts for abuse Bash on Windows (Cygwin/WSL) - HackLu 2018☆45May 29, 2019Updated 6 years ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆6,373Sep 14, 2023Updated 2 years ago
- ISR-sqlget It's a blind SQL injection tool developed in Perl.☆14Apr 26, 2013Updated 12 years ago
- List of bug bounty programs of companies/organisations in Switzerland☆13Oct 28, 2021Updated 4 years ago
- Provide a sort of shell-ish interface to make file directory traversal quicker and easier.☆24Jan 1, 2017Updated 9 years ago
- Burp Suite extension for JAX-RS☆65Mar 17, 2017Updated 8 years ago
- A collection of response templates for invalid bug bounty reports.☆90Feb 26, 2018Updated 7 years ago
- Scans crossdomain.xml policies for expired domain names.☆26Aug 4, 2015Updated 10 years ago
- A formula to calculate bounty amounts.☆15Dec 2, 2017Updated 8 years ago
- A BurpSuite extension for beautifying .NET message parameters and hiding some of the extra clutter that comes with .NET web apps (i.e. __…☆12Jun 29, 2015Updated 10 years ago
- Chef repository for pentesting tools☆13Mar 4, 2017Updated 8 years ago
- My recon script☆50Dec 23, 2019Updated 6 years ago
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,550Feb 8, 2025Updated last year
- A highly configurable Framework for easy automated web scanning☆381Jul 13, 2020Updated 5 years ago
- Command List for Hashcat and default keyspaces.☆17Feb 13, 2020Updated 6 years ago
- Advanced Vulnerable Web Application (AVWA)☆14Jun 10, 2017Updated 8 years ago
- A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-s…☆441Sep 19, 2021Updated 4 years ago
- This repository created for personal use and added tools from my latest blog post.☆354Dec 7, 2022Updated 3 years ago
- ☆276Oct 19, 2021Updated 4 years ago
- Useful commands for infosec☆28Feb 13, 2023Updated 3 years ago
- Quickly generate context-specific wordlists for content discovery from lists of URLs or paths☆239May 4, 2022Updated 3 years ago
- A CLI tool to interact with hackerone.com. This was my submission for HackerOne's Summer 2018 Hack Day.☆41Aug 2, 2018Updated 7 years ago
- ☆20Sep 6, 2023Updated 2 years ago
- Fuzzing tool written in Golang. Insane monkey not included.☆12Feb 22, 2018Updated 7 years ago
- Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomai…☆223Jul 10, 2020Updated 5 years ago