References, tools and sample payloads
☆11Sep 16, 2016Updated 9 years ago
Alternatives and similar repositories for 44con-code-review-workshop
Users that are interested in 44con-code-review-workshop are comparing it to the libraries listed below
Sorting:
- MoneyX is an intentionally vulnerable JSP application used for training developers in application security concepts.☆31May 10, 2016Updated 9 years ago
- BurpSuite extension to assist with Automated Forced Browsing/Endpoint Enumeration☆23Apr 11, 2018Updated 7 years ago
- Notes and helper scripts/files/etc from when I passed my OSCP☆19Sep 17, 2019Updated 6 years ago
- ☆17Feb 3, 2026Updated last month
- Daily TLD health report generated using RIPE's DNSCheck against all existing TLDs.☆18Jan 25, 2017Updated 9 years ago
- ☆11Aug 2, 2016Updated 9 years ago
- One gate to all syscalls!☆23Mar 12, 2022Updated 4 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆23Apr 28, 2019Updated 6 years ago
- Plugin for binary ninja to centralize features useful in static analysis.☆15Mar 3, 2020Updated 6 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- Wintermute Endpoint Search: Parse source code pulling out endpoints, parameters, and a bunch of other stuff☆14May 20, 2019Updated 6 years ago
- Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).☆15Apr 15, 2023Updated 2 years ago
- Workshop given at Hack in Paris 2019☆126Jun 8, 2023Updated 2 years ago
- Some of the presentations given by me☆19Aug 8, 2025Updated 7 months ago
- Automatic tool using for crawling code to find low-hang fruit vulnerabilities - Based on OWASP Secure Code Review Guide☆21Aug 31, 2020Updated 5 years ago
- Frontend to import Nmap Scan in ES, and frontend to make search☆10Nov 16, 2014Updated 11 years ago
- A collection of commands, scripts, tips, tricks, and other information compiled during my journey to obtaining the OSCP certification.☆25Dec 13, 2020Updated 5 years ago
- Gradle plugin for integrating with HCL AppScan Source☆13Jan 29, 2026Updated last month
- Source Code Intelligence☆30Aug 21, 2017Updated 8 years ago
- Repository to showcase various configuration recipes with various technologies☆36Dec 16, 2022Updated 3 years ago
- Vulnerable Grails application☆43Jun 12, 2015Updated 10 years ago
- PHDAYS |||☆17May 23, 2013Updated 12 years ago
- ffmpeg exploitation tool☆28Aug 3, 2016Updated 9 years ago
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆11Oct 29, 2018Updated 7 years ago
- An example of how a driver can register a handle creation callback.☆16Jun 12, 2023Updated 2 years ago
- Selective DNS proxy forwarding based on DNS threat blocking providers intelligence.☆56Mar 18, 2018Updated 8 years ago
- Dump elasticsearch instance☆15Jan 7, 2026Updated 2 months ago
- Vulnerable Node.js Web Application to pratice with your pentesting skills☆21Apr 29, 2017Updated 8 years ago
- A tool for configuring Xilinx Spartan 3 FPGAs via FT232H-based USB-to-JTAG adapter☆17Dec 31, 2020Updated 5 years ago
- Cheatsheets on security vulnerabilities and exploits.☆35Jan 20, 2020Updated 6 years ago
- Burp Suite Professional in a Docker container.☆84Nov 20, 2025Updated 3 months ago
- ☆21Dec 4, 2014Updated 11 years ago
- Spark Core app examples to make it easier to rock out with your Spark Core.☆36Jan 3, 2018Updated 8 years ago
- This is a tool to instantly test if an application handles SSL certificates the way it is supposed to.☆25Mar 17, 2023Updated 3 years ago
- ☆11Nov 12, 2019Updated 6 years ago
- ☆11May 28, 2019Updated 6 years ago
- Minimalist cheat sheet for developpers to write secure code☆54Jul 17, 2020Updated 5 years ago
- The Recon scanning tool scans websites for open files & directories specified in the custom config file. Default server configuration fil…☆15Apr 4, 2018Updated 7 years ago