A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
☆142Jul 9, 2024Updated last year
Alternatives and similar repositories for drek
Users that are interested in drek are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Watchtower is a Static Code Analysis tool designed to assist security auditors who are tasked with performing manual code reviews. It is …☆109Jun 27, 2017Updated 8 years ago
- Monitor arbitrary TCP traffic using your HTTP interception proxy of choice☆48Sep 13, 2017Updated 8 years ago
- Fuzzing tool written in Golang. Insane monkey not included.☆12Feb 22, 2018Updated 8 years ago
- MalRecon - Basic Malware Reconnaissance and Analysis Tool☆26Jun 8, 2017Updated 8 years ago
- A WebDAV PROPFIND covert channel to deliver payloads☆52Nov 14, 2017Updated 8 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- ☆17Apr 28, 2026Updated last week
- Get detailed information about a Twitter user activity☆17Dec 14, 2017Updated 8 years ago
- POC for IAT Parsing Payloads☆48Jan 1, 2017Updated 9 years ago
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆104Jun 1, 2018Updated 7 years ago
- A platform to run private unannounced Honeypots as Tor Hidden Services (aka Onion Decoys) inside the Tor Network.☆25Aug 14, 2017Updated 8 years ago
- ☆11Apr 28, 2017Updated 9 years ago
- A graphical security analysis tool for IoT networks☆200Apr 17, 2019Updated 7 years ago
- Various Scripts for Mobile Pen-testing with Frida☆75Jun 14, 2016Updated 9 years ago
- A webshell framework for penetration testers.☆301Aug 10, 2025Updated 9 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A shellcode testing harness.☆70Jul 10, 2024Updated last year
- ANWI - All New Wireless IDS☆28Nov 28, 2025Updated 5 months ago
- Node JS code for a set of Alexa voice skills designed to assist hackers and developers with common tasks☆56Mar 6, 2019Updated 7 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆635Jun 20, 2017Updated 8 years ago
- Scripts and auxiliary files for fuzzing PHP's unserialize function☆46Aug 13, 2017Updated 8 years ago
- Materials for 44con 2014 CANAPE Workshop☆23Sep 11, 2014Updated 11 years ago
- Source Code Intelligence☆30Aug 21, 2017Updated 8 years ago
- Reverse or bind shell catcher which uprgrades the caught shell to be more like a regular shell☆26Mar 17, 2019Updated 7 years ago
- This is a Burp extension for adding additional payloads to active scanner that require out-of-band validation. Works great with XSSHunter☆20Feb 16, 2017Updated 9 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Vulnerability Assessment and Penetration Testing Toolkit☆18Jan 5, 2022Updated 4 years ago
- Nail in the JKS coffin - Cracking passwords of private key entries in a JKS file☆189Sep 21, 2020Updated 5 years ago
- Customizable lazy exploit pattern utility.☆13Oct 2, 2022Updated 3 years ago
- ☆30May 23, 2017Updated 8 years ago
- Cracker for Apache.lang.commons RandomStringUtils(). Code for "The Java Soothsayer" talk at EkoParty 2017 by Alejo Popovici.☆33Mar 13, 2018Updated 8 years ago
- Advanced Vulnerable Web Application (AVWA)☆14Jun 10, 2017Updated 8 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆378Oct 12, 2020Updated 5 years ago
- The Inspector tool is a privilege escalation helper (PoC), easy to deployed on web server, this tool can list process running with root, …☆121Oct 2, 2018Updated 7 years ago
- Puny Domain Name Check☆38Jul 29, 2019Updated 6 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A tool that can help detect and takeover subdomains with dead DNS records☆12Aug 23, 2018Updated 7 years ago
- Highlight Burp proxy requests made by different browsers☆29Sep 21, 2017Updated 8 years ago
- Issues to consider when planning a red team exercise.☆612Aug 23, 2017Updated 8 years ago
- This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.☆59Apr 3, 2017Updated 9 years ago
- Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.☆49Jul 20, 2022Updated 3 years ago
- A tool to surface security issues in python code☆227Apr 20, 2017Updated 9 years ago
- application server attack toolkit☆688Apr 6, 2020Updated 6 years ago