All my infosec notes I have been building up over the years
☆337Feb 21, 2025Updated last year
Alternatives and similar repositories for kb
Users that are interested in kb are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A better dns bruteforcer written in golang☆13Nov 4, 2018Updated 7 years ago
- Crawl Google and Bing to find emails, subdomains and URLs associated to a target domain☆50Feb 2, 2021Updated 5 years ago
- JWT fuzzer☆107Jul 24, 2018Updated 7 years ago
- Red Team Tips as posted by @vysecurity on Twitter☆1,115Apr 26, 2020Updated 5 years ago
- Small scripts to assist in pentesting☆19Feb 2, 2021Updated 5 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.☆3,875May 20, 2025Updated 10 months ago
- Albatar is a SQLi exploitation framework in Python☆137Jan 24, 2025Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,485Oct 12, 2024Updated last year
- ☆122Mar 27, 2017Updated 9 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆26Dec 12, 2018Updated 7 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Mar 1, 2023Updated 3 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆378Oct 12, 2020Updated 5 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆472Nov 14, 2019Updated 6 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆608May 17, 2019Updated 6 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆683Jan 28, 2024Updated 2 years ago
- Automatic tool for DNS rebinding-based SSRF attacks☆305Aug 21, 2020Updated 5 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,170May 26, 2023Updated 2 years ago
- A permutation generation tool written in golang☆211Jul 15, 2019Updated 6 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,794Apr 26, 2024Updated last year
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,733Dec 1, 2024Updated last year
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆661Feb 1, 2025Updated last year
- A tool for embedding XXE/XML exploits into different filetypes☆1,146Dec 16, 2024Updated last year
- Browser's XSS Filter Bypass Cheat Sheet☆1,152May 6, 2017Updated 8 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Wiki to collect Red Team infrastructure hardening resources☆4,468Oct 1, 2025Updated 6 months ago
- Fetch known urls from AlienVault's Open Threat Exchange for given hosts☆63Jul 22, 2019Updated 6 years ago
- A tool that can help detect and takeover subdomains with dead DNS records☆12Aug 23, 2018Updated 7 years ago
- This tool can be used to brute discover GET and POST parameters☆1,393Aug 24, 2019Updated 6 years ago
- Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]☆304Oct 14, 2018Updated 7 years ago
- Red Team Scripts by d0nkeys (ex SnadoTeam)☆702Jul 27, 2020Updated 5 years ago
- A Powerful Subdomain Takeover Tool☆963Oct 17, 2023Updated 2 years ago
- Apache Solr Injection Research☆581Jan 28, 2020Updated 6 years ago
- offsec batteries included☆1,609Mar 11, 2024Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Notes about attacking Jenkins servers☆2,091Jul 10, 2024Updated last year
- This application is developed to test the race condition vulnerability in the web application. We have discussed about this vulnerability…☆14Oct 1, 2016Updated 9 years ago
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- secretz, minimizing the large attack surface of Travis CI☆324May 30, 2022Updated 3 years ago
- An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.☆5,927Oct 20, 2025Updated 5 months ago
- ☆332Jan 8, 2018Updated 8 years ago
- Data from my Sunday streams☆75Jul 28, 2019Updated 6 years ago