nccgroup / RFC-Security-Research

Related projects ⓘ

Alternatives and complementary repositories for RFC-Security-Research

• laconicwolf / cors-scanner
  A multi-threaded scanner that helps identify CORS flaws/misconfigurations
  ☆18Updated 4 years ago
• N0MoreSecr3ts / wraith-signatures
  Signatures for wraith used to detect secrets across various sources
  ☆15Updated 2 years ago
• cosmoscrew / ssrf-playground
  A playground to practice SSRF Attacks against web apps
  ☆17Updated 6 years ago
• pry0cc / pscan
  A parallel scanner that utilises axiom to spin up servers and parallel scan using masscan.
  ☆16Updated 4 years ago
• nscuro / fdnssearch
  Swiftly search FDNS datasets from Rapid7 Open Data
  ☆21Updated last year
• random-robbie / kube-scan
  Kubernetes Scanner
  ☆41Updated 2 years ago
• nccgroup / encoderama
  String or worldlist encoder for use in fuzzing or web application testing
  ☆17Updated 5 years ago
• Static-Flow / DirectoryImporter
  This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…
  ☆36Updated last year
• mubix / lmo
  LetMeOutOfYour.net Resources
  ☆20Updated 4 years ago
• nccgroup / clickjacking-poc
  Clickjacking PoC Generator
  ☆35Updated 4 years ago
• PortSwigger / lightbulb-framework
  Tools for auditing WAFS
  ☆18Updated 2 years ago
• dozernz / bugstropics
  Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk
  ☆9Updated 2 years ago
• vp777 / metahttp
  A bash script that automates the scanning of a target network for HTTP resources through XXE
  ☆37Updated 3 years ago
• pownjs / leaks
  Extensive code infrastructure for finding unintended information leaks in files, git repositories and much more.
  ☆28Updated 2 years ago
• sahadnk72 / jecretz
  Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets
  ☆42Updated last year
• TypeError / reflect
  OWASP ZAP add-on to detect reflected parameter vulnerabilities efficiently
  ☆12Updated 3 years ago
• airman604 / cms2cmd
  ☆10Updated 5 years ago
• ninoseki / rogue_one
  A rogue DNS detector
  ☆23Updated last year
• cnotin / burp-scan-manual-insertion-point
  Burp Suite Pro extension
  ☆10Updated 7 years ago
• Static-Flow / goRecorder
  During pentesting I often miss screenshots of events for reports due to the quick pace of testing and a lack of foreknowledge about what …
  ☆25Updated 5 years ago
• random-robbie / aquatone-docker
  Docker Version of Aquatone
  ☆13Updated 6 years ago
• cosmoscrew / gomassdns
  A better dns bruteforcer written in golang
  ☆13Updated 6 years ago
• lowleveldesign / aspnetcrypter
  ☆18Updated 7 years ago
• redtimmy / OAMBuster
  Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)
  ☆24Updated 5 years ago
• giovanifss / Gitmails-sh
  An information gathering tool to collect git emails in version control host services
  ☆11Updated 5 years ago
• PortSwigger / attack-surface-detector
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆13Updated 2 years ago
• wireghoul / presentations
  Slides and demo code for past presentations
  ☆11Updated 2 years ago
• alt3kx / wafparan01d3
  Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool
  ☆25Updated 2 years ago
• agrawalsmart7 / otphacks
  ☆20Updated 4 years ago
• denniskniep / interactsh_deploy
  Interactsh deployment to AWS EC2 Instance with Terraform
  ☆11Updated 2 years ago