A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
☆142Jul 9, 2024Updated last year
Alternatives and similar repositories for drek
Users that are interested in drek are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Example signature files for drek.☆12Jan 10, 2018Updated 8 years ago
- Watchtower is a Static Code Analysis tool designed to assist security auditors who are tasked with performing manual code reviews. It is …☆112Jun 27, 2017Updated 8 years ago
- Monitor arbitrary TCP traffic using your HTTP interception proxy of choice☆48Sep 13, 2017Updated 8 years ago
- Fuzzing tool written in Golang. Insane monkey not included.☆12Feb 22, 2018Updated 8 years ago
- MalRecon - Basic Malware Reconnaissance and Analysis Tool☆26Jun 8, 2017Updated 8 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- A WebDAV PROPFIND covert channel to deliver payloads☆52Nov 14, 2017Updated 8 years ago
- Lazy Bloodhound is a toy PHP static code analyzer built on tree-sitter☆13Feb 19, 2021Updated 5 years ago
- ☆17Oct 5, 2020Updated 5 years ago
- Automatic tool using for crawling code to find low-hang fruit vulnerabilities - Based on OWASP Secure Code Review Guide☆21Aug 31, 2020Updated 5 years ago
- Get detailed information about a Twitter user activity☆17Dec 14, 2017Updated 8 years ago
- POC for IAT Parsing Payloads☆48Jan 1, 2017Updated 9 years ago
- Regex patterns for manual application source code review☆33Dec 14, 2020Updated 5 years ago
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆104Jun 1, 2018Updated 7 years ago
- A platform to run private unannounced Honeypots as Tor Hidden Services (aka Onion Decoys) inside the Tor Network.☆25Aug 14, 2017Updated 8 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆11Apr 28, 2017Updated 8 years ago
- A graphical security analysis tool for IoT networks☆200Apr 17, 2019Updated 6 years ago
- Various Scripts for Mobile Pen-testing with Frida☆75Jun 14, 2016Updated 9 years ago
- A webshell framework for penetration testers.☆301Aug 10, 2025Updated 7 months ago
- A shellcode testing harness.☆70Jul 10, 2024Updated last year
- ANWI - All New Wireless IDS☆28Nov 28, 2025Updated 4 months ago
- Node JS code for a set of Alexa voice skills designed to assist hackers and developers with common tasks☆56Mar 6, 2019Updated 7 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆635Jun 20, 2017Updated 8 years ago
- Scripts and auxiliary files for fuzzing PHP's unserialize function☆46Aug 13, 2017Updated 8 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Materials for 44con 2014 CANAPE Workshop☆23Sep 11, 2014Updated 11 years ago
- Source Code Intelligence☆30Aug 21, 2017Updated 8 years ago
- Reverse or bind shell catcher which uprgrades the caught shell to be more like a regular shell☆26Mar 17, 2019Updated 7 years ago
- This is a Burp extension for adding additional payloads to active scanner that require out-of-band validation. Works great with XSSHunter☆20Feb 16, 2017Updated 9 years ago
- Vulnerability Assessment and Penetration Testing Toolkit☆19Jan 5, 2022Updated 4 years ago
- Nail in the JKS coffin - Cracking passwords of private key entries in a JKS file☆189Sep 21, 2020Updated 5 years ago
- Customizable lazy exploit pattern utility.☆13Oct 2, 2022Updated 3 years ago
- ☆30May 23, 2017Updated 8 years ago
- Cracker for Apache.lang.commons RandomStringUtils(). Code for "The Java Soothsayer" talk at EkoParty 2017 by Alejo Popovici.☆33Mar 13, 2018Updated 8 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Advanced Vulnerable Web Application (AVWA)☆14Jun 10, 2017Updated 8 years ago
- Megagrep helps beginning a code review by searching for keywords in the code using "grep". It does not search for vulnerabilities directl…☆15Aug 8, 2022Updated 3 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆378Oct 12, 2020Updated 5 years ago
- The Inspector tool is a privilege escalation helper (PoC), easy to deployed on web server, this tool can list process running with root, …☆122Oct 2, 2018Updated 7 years ago
- Puny Domain Name Check☆38Jul 29, 2019Updated 6 years ago
- A tool that can help detect and takeover subdomains with dead DNS records☆12Aug 23, 2018Updated 7 years ago
- Highlight Burp proxy requests made by different browsers☆29Sep 21, 2017Updated 8 years ago