bl4de / security_whitepapers

Related projects: ⓘ

• crsftw / OSCP-cheat-sheet
  ☆316Updated this week
• bugbountyforum / XSS-Radar
  ☆316Updated 6 years ago
• lucyoa / ctf-wiki
  ☆290Updated this week
• pathetiq / BurpSmartBuster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆382Updated 3 years ago
• ak1t4 / open-redirect-scanner
  ☆207Updated this week
• Varbaek / xsser
  From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
  ☆423Updated 4 years ago
• Plazmaz / Sublist3r
  Fast subdomains enumeration tool for penetration testers
  ☆117Updated 5 years ago
• codewatchorg / sqlipy
  SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.
  ☆252Updated 3 months ago
• dustyfresh / PHP-vulnerability-audit-cheatsheet
  This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…
  ☆345Updated 6 years ago
• mazen160 / struts-pwn_CVE-2018-11776
  An exploit for Apache Struts CVE-2018-11776
  ☆300Updated 6 years ago
• FSecureLABS / dref
  DNS Rebinding Exploitation Framework
  ☆479Updated 3 years ago
• kurobeats / pentest-bookmarks
  ☆139Updated this week
• P0cL4bs / kadimus
  kadimus is a tool to check and exploit lfi vulnerability.
  ☆511Updated 4 years ago
• ewilded / psychoPATH
  psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…
  ☆270Updated 3 years ago
• sectalks / sectalks
  CTFs, solutions and presentations
  ☆285Updated last month
• RhinoSecurityLabs / SleuthQL
  Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
  ☆464Updated 4 years ago
• TyrantSec / Fuzzing
  Fuzzing Payloads to Assist in Web Application Testing.
  ☆164Updated 5 years ago
• ferreirasc / OSCP_study_guide
  Notes of my OSCP study plan
  ☆459Updated 2 years ago
• frizb / Bypassing-Web-Application-Firewalls
  A series of python scripts for generating weird character combinations for bypassing web application firewalls (WAF) and XSS blockers
  ☆273Updated 5 years ago
• anshumanbh / brutesubs
  An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …
  ☆257Updated 3 years ago
• orangetw / Tiny-URL-Fuzzer
  A tiny and cute URL fuzzer
  ☆386Updated last year
• 003random / 003Recon
  Some tools to automate recon - 003random
  ☆294Updated 6 years ago
• ChrisTruncer / PenTestScripts
  Scripts that are useful for me on pen tests
  ☆523Updated 2 years ago
• m4ll0k / AutoNSE
  ☆326Updated this week
• cyberheartmi9 / CVE-2017-12617
  Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution
  ☆389Updated 6 years ago
• henshin / filebuster
  An extremely fast and flexible web fuzzer
  ☆212Updated last year
• ankh2054 / windows-pentest
  Windows Pentest Scripts
  ☆226Updated 6 years ago
• SolomonSklash / chomp-scan
  A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
  ☆393Updated 4 years ago
• s1kr10s / Apache-Struts-v4
  ☆209Updated 3 years ago
• nccgroup / shocker
  A tool to find and exploit servers vulnerable to Shellshock
  ☆332Updated last year