mhaskar / Bughound
Static code analysis tool based on Elasticsearch
☆129Updated 3 years ago
Related projects: ⓘ
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆74Updated 2 years ago
- A simple remote scanner for Atlassian Jira☆117Updated last year
- Weaponizing Live CT logs for automated monitoring of assets☆132Updated 3 years ago
- Recurrent Neural Network SubDomain Discovery Tool☆90Updated last year
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…☆136Updated last year
- Workshop given at Hack in Paris 2019☆119Updated last year
- Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.☆119Updated last year
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆162Updated 3 years ago
- Preparation for OSWE☆39Updated 4 years ago
- A Burp Suite Extension for parsing Project Files from the CLI.☆82Updated last year
- ☆62Updated 5 years ago
- ☆145Updated 2 years ago
- Scripts and tools for AWS Pentest☆51Updated 3 years ago
- NotSoCereal: A Deserialization exploit playground☆48Updated 2 years ago
- ☆207Updated this week
- This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities☆86Updated last year
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆175Updated 2 years ago
- part of my wordlist to bruteforce DNS to find subdoamains.☆62Updated 3 years ago
- Tools to assess the DNS security of web applications☆125Updated last year
- Custom scripts for the PIPER Burp extensions.☆97Updated 11 months ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆130Updated 3 years ago
- OSCP guide and Red Team assessment Guide☆33Updated 4 years ago
- Check AWS S3 instances for read/write/delete access☆119Updated 2 years ago
- Searching for virtual hosts among non-resolvable domains☆86Updated 4 years ago
- Contains all my research and content produced regarding the log4shell vulnerability☆32Updated 2 years ago
- Find the remote website version based on a git repository☆122Updated 3 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆62Updated 3 years ago
- ☆47Updated 3 years ago
- ☆56Updated 2 months ago
- This script is a multi-threaded Okta password sprayer.☆66Updated 8 months ago