brannondorsey / dns-rebind-toolkit

Related projects: ⓘ

• brannondorsey / whonow
  A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
  ☆619Updated 2 years ago
• FSecureLABS / dref
  DNS Rebinding Exploitation Framework
  ☆479Updated 3 years ago
• PortSwigger / hackability
  Probe a rendering engine for vulnerabilities and other features
  ☆364Updated 2 years ago
• SolomonSklash / chomp-scan
  A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
  ☆393Updated 4 years ago
• appsecco / bugcrowd-levelup-subdomain-enumeration
  This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…
  ☆631Updated 5 years ago
• pownjs / pown
  Pown.js is a security testing an exploitation toolkit built on top of Node.js and NPM.
  ☆259Updated last year
• davidpepper / fierce-domain-scanner
  Fierce.pl Domain Scanner
  ☆293Updated 5 years ago
• ropnop / serverless_toolkit
  A collection of useful Serverless functions I use when pentesting
  ☆379Updated last year
• mandatoryprogrammer / JudasDNS
  Nameserver DNS poisoning attacks made easy
  ☆515Updated 7 years ago
• mthbernardes / GTRS
  GTRS - Google Translator Reverse Shell
  ☆614Updated last year
• nccgroup / tracy
  A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
  ☆552Updated last year
• orangetw / Tiny-URL-Fuzzer
  A tiny and cute URL fuzzer
  ☆386Updated last year
• dxa4481 / cssInjection
  Stealing CSRF tokens with CSS injection (without iFrames)
  ☆315Updated 6 years ago
• mandatoryprogrammer / cloudflare_enum
  Cloudflare DNS Enumeration Tool for Pentesters
  ☆514Updated 2 years ago
• PortSwigger / collaborator-everywhere
  A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by caus…
  ☆421Updated 9 months ago
• bugbountyforum / XSS-Radar
  ☆317Updated 6 years ago
• Varbaek / xsser
  From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
  ☆423Updated 4 years ago
• cheetz / sslScrape
  SSLScrape | A scanning tool for scaping hostnames from SSL certificates.
  ☆328Updated 3 years ago
• franccesco / getaltname
  Extract subdomains from SSL certificates in HTTPS sites.
  ☆364Updated 3 weeks ago
• bl4de / security_whitepapers
  ☆376Updated this week
• raz-varren / xsshell
  An XSS reverse shell framework
  ☆301Updated 5 years ago
• jcesarstef / dotdotslash
  Search for Directory Traversal Vulnerabilities
  ☆407Updated 3 months ago
• nccgroup / shocker
  A tool to find and exploit servers vulnerable to Shellshock
  ☆332Updated last year
• blacknbunny / CVE-2018-10933
  Spawn to shell without any credentials by using CVE-2018-10933 (LibSSH)
  ☆495Updated 9 months ago
• chris408 / ct-exposer
  An OSINT tool that discovers sub-domains by searching Certificate Transparency logs
  ☆465Updated 2 years ago
• 0x4D31 / burpa
  Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Applica…
  ☆480Updated 6 years ago
• bitquark / dnspop
  Analysis of DNS records to find popular trends
  ☆440Updated 8 years ago
• cure53 / browser-sec-whitepaper
  Cure53 Browser Security White Paper
  ☆286Updated 6 years ago
• pathetiq / BurpSmartBuster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆382Updated 3 years ago
• initstring / uptux
  Linux privilege escalation checks (systemd, dbus, socket fun, etc)
  ☆287Updated 4 years ago