Scripts that I've written that others may find useful
☆14Aug 17, 2022Updated 3 years ago
Alternatives and similar repositories for scripts
Users that are interested in scripts are comparing it to the libraries listed below
Sorting:
- ☆13Dec 30, 2024Updated last year
- ☆16Mar 4, 2019Updated 7 years ago
- Merge results from NMAP and Masscan into one CSV file☆18Jun 19, 2018Updated 7 years ago
- BurpJDSer-ng☆29Updated this week
- Squirtle the Browser-based NTLM Attack Toolkit☆17Apr 13, 2015Updated 10 years ago
- A passive scanning tool for finding expired domain vulnerabilities while you browse.☆43Feb 6, 2019Updated 7 years ago
- Proof of Concept code for CVE-2015-0345 (APSB15-07)☆22Jun 12, 2015Updated 10 years ago
- Given a list of domains and known IP and buckets that are owned, which might be susceptible to domain hijacking?☆15Sep 20, 2024Updated last year
- A simple bash script that uses smbclient to test access to Windows file shares in automated fashion.☆19Jul 9, 2015Updated 10 years ago
- Dockerfiles for containerized osquery☆14May 23, 2017Updated 8 years ago
- Scans crossdomain.xml policies for expired domain names.☆26Aug 4, 2015Updated 10 years ago
- A Burp Suite extension that checks if a particular URL responds differently to various User-Agent headers☆15Sep 4, 2014Updated 11 years ago
- Generate MAEC XML from Ero Carrera's pefile output☆15Mar 6, 2017Updated 9 years ago
- PHDAYS |||☆17May 23, 2013Updated 12 years ago
- A project inspired by BadUSB paper, USB Rubber Ducky and Samy Kamkar's project "USBDriveBy". Making the teensy microcontroller an evil li…☆12Mar 19, 2016Updated 10 years ago
- A tool that can help detect and takeover subdomains with dead DNS records☆12Aug 23, 2018Updated 7 years ago
- This is a Burp extension for adding additional payloads to active scanner that require out-of-band validation. Works great with XSSHunter☆20Feb 16, 2017Updated 9 years ago
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Sep 30, 2018Updated 7 years ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- Generates Flash based CORS CSRF Proof of Concepts that can be sent directly to clients☆14Jul 3, 2013Updated 12 years ago
- Python tool to check for expired domains still allowed in crossdomain.xml files☆13Jan 11, 2017Updated 9 years ago
- Send HTTP scrapers to Wonderland☆24Jan 7, 2019Updated 7 years ago
- Stay on top of new domains! Bug bounty hunters can use this tool to receive Pushbullet notifications each time there is a new target subd…☆26Apr 14, 2018Updated 7 years ago
- An example of high-QPS requesting Burp Intruder style on AWS Lambda via self-invocation.☆22Nov 15, 2018Updated 7 years ago
- Cheat sheets☆10Jul 4, 2016Updated 9 years ago
- An interactive OOB XXE data exfiltration tool☆92May 31, 2017Updated 8 years ago
- BountyDash is a tool to combine your rewards from all platforms, giving you insights about your progress and bug hunting patterns.☆163Apr 24, 2025Updated 10 months ago
- Web Application Security☆131Jan 6, 2026Updated 2 months ago
- The repository for Building visualisation platforms for OSINT data using open source solutions☆29Aug 21, 2018Updated 7 years ago
- It's bloody scantastic☆239Jun 21, 2022Updated 3 years ago
- Credentials Checking Framework☆53Feb 8, 2023Updated 3 years ago
- Open Red Team Bag of Tricks - Red Teaming and Pentesting cheat sheet and trick book☆97Jan 25, 2017Updated 9 years ago
- Recon_profile☆38May 18, 2020Updated 5 years ago
- Python tool for expired domain discovery in crossdomain.xml files☆23Feb 21, 2017Updated 9 years ago
- A set of infrastructure-as-code examples to help those getting started with DevOps tools☆17Sep 26, 2024Updated last year
- CVE-2020-25223☆11Sep 13, 2021Updated 4 years ago
- Burp Suite plugin created for using Collaborator tool during manual testing☆19Feb 4, 2022Updated 4 years ago
- Tools for GitHub issue and milestone consolidation across projects.☆63May 27, 2015Updated 10 years ago
- Burp Suite extension for JAX-RS☆65Mar 17, 2017Updated 9 years ago