PrOfESSOS is our open source implementation for fully automated Evaluation-as-a-Service for SSO. PrOfESSOS introduces a generic approach to improve the security of OpenID Connect implementations by systematically detecting vulnerabilities.
☆29Jan 8, 2023Updated 3 years ago
Alternatives and similar repositories for PrOfESSOS
Users that are interested in PrOfESSOS are comparing it to the libraries listed below
Sorting:
- ☆30Sep 1, 2022Updated 3 years ago
- PHDAYS |||☆17May 23, 2013Updated 12 years ago
- Obfuscated Invoke-Mimikatz script☆13May 29, 2018Updated 7 years ago
- take a list of resolved subdomains and output any corresponding CNAMES en masse.☆18Jan 29, 2026Updated last month
- References, tools and sample payloads☆11Sep 16, 2016Updated 9 years ago
- FutureTrust analyzes electronic identification (eID) services in Europe and beyond. It is funded within the EU Framework Programme for Re…☆12Nov 16, 2022Updated 3 years ago
- Active Directory information dumper via LDAP☆13Mar 5, 2020Updated 6 years ago
- WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr …☆491Oct 3, 2024Updated last year
- DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it☆13Mar 5, 2021Updated 5 years ago
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆18May 17, 2020Updated 5 years ago
- Minimalist cheat sheet for developpers to write secure code☆54Jul 17, 2020Updated 5 years ago
- Purposely Vulnerable Embedded Device☆22Jun 19, 2017Updated 8 years ago
- From monolith to containerized microservices to serverless☆15Dec 1, 2018Updated 7 years ago
- ☆11Aug 2, 2016Updated 9 years ago
- Pythia server (prototype) implementation☆13Nov 8, 2018Updated 7 years ago
- Exactly what it sounds like, which is something rad☆22Oct 12, 2022Updated 3 years ago
- Plugin for binary ninja to centralize features useful in static analysis.☆15Mar 3, 2020Updated 6 years ago
- Wintermute Endpoint Search: Parse source code pulling out endpoints, parameters, and a bunch of other stuff☆14May 20, 2019Updated 6 years ago
- Timeinator is an extension for Burp Suite that can be used to perform timing attacks over an unreliable network such as the internet.☆22May 9, 2023Updated 2 years ago
- Tools for timing attacks☆19Oct 19, 2015Updated 10 years ago
- Collection of tools to interact with Intigriti website☆17Aug 10, 2024Updated last year
- Quick Start/Setup of CI/CD for Offensive/Defensive Purposes☆21Sep 4, 2021Updated 4 years ago
- Automatic VLAN configuration tool for Linux☆25Jan 24, 2019Updated 7 years ago
- Threat Modeling Manifesto☆30Jul 18, 2024Updated last year
- an asynchronous target enumeration tool☆246Dec 8, 2022Updated 3 years ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- ☆16May 6, 2015Updated 10 years ago
- A wrapper around jq, to help you parse jq output!☆30Aug 23, 2020Updated 5 years ago
- Vulnerable Node.js Web Application to pratice with your pentesting skills☆21Apr 29, 2017Updated 8 years ago
- A tool to download program information from Bugcrowd, for use by researchers to compare programs they are eligible to participate in☆21Dec 22, 2022Updated 3 years ago
- Automatically parses and attacks BloodHound-generated graphs☆43Jul 16, 2018Updated 7 years ago
- This test suite contains over 40 different test cases that have proven to work with different mobile browsers in my research or testing S…☆30Jul 12, 2019Updated 6 years ago
- Pentester-focused Docker registry tool to enumerate and pull images☆114Jan 27, 2020Updated 6 years ago
- ETW-Almulahaza is a consumer python-based tool that help you monitor ETW events of the operating system☆13Jun 24, 2022Updated 3 years ago
- A BurpSuite plugin for BBRF☆25Nov 17, 2024Updated last year
- OpenBugBounty - https://www.openbugbounty.org/ programs list☆23Mar 15, 2021Updated 5 years ago
- Offline, client-side encrypted plaintext editor in an HTML file☆22Jan 29, 2016Updated 10 years ago
- ☆26Sep 29, 2018Updated 7 years ago
- This is a tool to instantly test if an application handles SSL certificates the way it is supposed to.☆25Mar 17, 2023Updated 3 years ago