☆29May 30, 2024Updated last year
Alternatives and similar repositories for tips
Users that are interested in tips are comparing it to the libraries listed below
Sorting:
- LLM Vulnerable Application☆13Aug 19, 2023Updated 2 years ago
- Script and resources to execute shell commands using access to a PostgreSQL service☆13Oct 24, 2024Updated last year
- AI modular structure that provides automation-based attack and penetration☆14May 10, 2024Updated last year
- xiaSql的python魔改版☆15Oct 31, 2024Updated last year
- RabbitMQ exploit and Pentesting guide for penetration tester☆20Nov 22, 2023Updated 2 years ago
- Get 10k subdomains in securitytrails using cookie without apikey.☆36Oct 23, 2025Updated 4 months ago
- ☆13Jun 12, 2023Updated 2 years ago
- CTF challenges WriteUp☆14Jun 27, 2022Updated 3 years ago
- 这个项目主要用于辅助测试Swagger的XSS漏洞☆39Jun 11, 2022Updated 3 years ago
- NPS proxy server authentication bypasses vulnerability detection☆76Aug 5, 2022Updated 3 years ago
- ☆17May 21, 2022Updated 3 years ago
- A tech enumeration toolkit focused on 404 Not found pages.☆26Oct 6, 2024Updated last year
- Script to read input from stdin and encode it☆19Aug 23, 2023Updated 2 years ago
- HVVExploitApply工具POC登记信息☆20Aug 25, 2022Updated 3 years ago
- recon.cloud is website that scans AWS, Azure and GCP public cloud footprint this GO tool only utilize its API for getting result to termi…☆25Feb 11, 2023Updated 3 years ago
- A python script to extract information from a Microsoft Remote Desktop Web Access (RDWA) application☆113Jan 5, 2026Updated last month
- A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CON…☆164Mar 27, 2024Updated last year
- AWS S3 open bucket poc automated script.☆56Aug 23, 2021Updated 4 years ago
- A cheatsheet for exploiting server-side SVG rasterization.☆30Jul 5, 2022Updated 3 years ago
- A simple mutator engine which focuses on finding unknown classes of injection vulnerabilities☆67Mar 18, 2024Updated last year
- IDOR bypass fuzz 权限绕过burp 插件 fuzz (shiro 等)☆27Sep 1, 2021Updated 4 years ago
- Burp Suite参数收集插件(Python)☆27Dec 10, 2021Updated 4 years ago
- Mass querying whois records☆28Dec 28, 2021Updated 4 years ago
- Write-ups of my findings.☆123Sep 2, 2023Updated 2 years ago
- An intentionally-vulnerable application for demonstrating the hazards of SpEL expression composition☆28Apr 17, 2018Updated 7 years ago
- 从github爬取路径然后生成字典用来爆破,针对利用开源github搭建的网站的路径提取☆27Aug 20, 2022Updated 3 years ago
- Handy scripts and one-liners to make life easier☆36Mar 6, 2023Updated 2 years ago
- part of my wordlist to bruteforce DNS to find subdoamains.☆61Jul 26, 2021Updated 4 years ago
- Simple Python script to sort nuclei scans by severity and URL☆29May 24, 2023Updated 2 years ago
- Some simple scripts that I use during bug bounty hunting in Android Apps☆28Jan 30, 2025Updated last year
- Final assignment for the course Data Visualization with Python, part of IBM Data Science Professional Certification on Coursera☆11Jun 22, 2020Updated 5 years ago
- crtdumper is a Go application designed to interact directly with Certificate Transparency (CT) logs servers and extract domain names fro…☆41Jun 22, 2024Updated last year
- POC for VMWARE CVE-2022-22954☆282Apr 13, 2022Updated 3 years ago
- A deliberately insecure Java web application☆44Oct 23, 2025Updated 4 months ago
- JIRA"YA is a vulnerability analyzer for JIRA instances. It runs active scans to identify vulnerabilities by interacting with the host and…☆41Aug 23, 2024Updated last year
- AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration test…☆37Feb 15, 2026Updated 2 weeks ago
- Black box fuzzer for web applications☆437Jul 20, 2025Updated 7 months ago
- ☆69Jun 8, 2023Updated 2 years ago
- Automatic multiprocess Linux CLI tool that aims for a quick enumeration wrapping pentesting tools.☆13Feb 22, 2026Updated last week