happycakefriends / certainlyLinks
Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scenarios.
☆223Updated last year
Alternatives and similar repositories for certainly
Users that are interested in certainly are comparing it to the libraries listed below
Sorting:
- ☆194Updated 8 months ago
- A research project to add some brrrrrr to Burp☆196Updated 11 months ago
- Dredging up secrets from the depths of the file system☆131Updated last year
- Abuse trust-boundaries to bypass firewalls and network controls☆385Updated 5 months ago
- SubSnipe is a tool designed to help find subdomains that are vulnerable to takeover.☆130Updated 11 months ago
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆275Updated 7 months ago
- This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used…☆237Updated last year
- FrogPost: postMessage Security Testing Tool☆105Updated last month
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆125Updated last year
- OWASP Foundation web repository☆43Updated 3 weeks ago
- A collection of Turbo Intruder scripts.☆66Updated 11 months ago
- Python script to enumerate valid Microsoft 365 domains, retrieve tenant name, and check for an MDI instance.☆213Updated last year
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆240Updated 3 years ago
- Azure mindmap for penetration tests☆194Updated 2 years ago
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆128Updated 3 years ago
- tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such …☆234Updated 11 months ago
- A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that …☆255Updated 3 years ago
- Find CVEs associated to Linux and public exploits on github☆119Updated 9 months ago
- Scripts to download every Wordpress plugin (updated in the last 2 years) and run Semgrep over the lot of it while storing output in a dat…☆89Updated 11 months ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆163Updated last year
- ☆516Updated last year
- A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery☆378Updated last year
- ☆41Updated 2 weeks ago
- Nuclei templates for honeypots detection.☆196Updated 2 years ago
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆237Updated 2 years ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆164Updated 2 months ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆438Updated 2 weeks ago
- gubble is a tool designed to audit Google Workspace group settings. It analyzes settings such as who can join, view membership, post mess…☆79Updated 7 months ago
- ☆173Updated 9 months ago
- A Go-based utility that processes input through multiple AI models concurrently (OpenAI, Claude, and Gemini) and provides a summarized co…☆87Updated 6 months ago