A collection of useful Serverless functions I use when pentesting
☆391Dec 9, 2022Updated 3 years ago
Alternatives and similar repositories for serverless_toolkit
Users that are interested in serverless_toolkit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A collection of my Dockerfiles☆90Dec 9, 2022Updated 3 years ago
- A mini webserver with FTP support for XXE payloads☆343Jan 3, 2024Updated 2 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆660Feb 1, 2025Updated last year
- Remote Recon and Collection☆461Nov 23, 2017Updated 8 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆301Feb 12, 2023Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- C# Targeted Attack Reconnissance Tools☆120Jan 11, 2021Updated 5 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆136Sep 25, 2019Updated 6 years ago
- SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.☆110Jan 20, 2021Updated 5 years ago
- Automated blind-xss search for Burp Suite☆283Oct 10, 2019Updated 6 years ago
- Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software…☆200Nov 19, 2017Updated 8 years ago
- Python script which will type a file into an RDP session. For when drag and drop and disk mounting is not possible☆33May 3, 2024Updated 2 years ago
- SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over…☆383Aug 17, 2018Updated 7 years ago
- Complex payload encoder☆242Jan 20, 2024Updated 2 years ago
- Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to …☆763Sep 23, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- A Burp Suite content discovery plugin that add the smart into the Buster!☆378Oct 12, 2020Updated 5 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,494Oct 12, 2024Updated last year
- Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.☆1,560Mar 7, 2024Updated 2 years ago
- BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolu…☆60Oct 8, 2017Updated 8 years ago
- GTRS - Google Translator Reverse Shell☆626Sep 26, 2025Updated 7 months ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆298Apr 9, 2026Updated last month
- A tool that can help detect and takeover subdomains with dead DNS records☆12Aug 23, 2018Updated 7 years ago
- A WebSocket C2 Tool☆417Nov 24, 2017Updated 8 years ago
- Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process.☆44Aug 7, 2020Updated 5 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Jsdir is a Burp Suite extension that extracts hidden paths from js files and beautifies it for further reading.☆121Sep 12, 2020Updated 5 years ago
- Automatic tool for DNS rebinding-based SSRF attacks☆305Aug 21, 2020Updated 5 years ago
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)☆1,612Dec 10, 2018Updated 7 years ago
- scripts for pentesting☆86Aug 21, 2018Updated 7 years ago
- My solutions in Python for Corelan's Exploit Writing Tutorials☆13Jun 2, 2016Updated 9 years ago
- Automate common Chrome Debug Protocol tasks to help debug web applications from the command-line and actively monitor and intercept HTTP …☆73Aug 11, 2021Updated 4 years ago
- A better dns bruteforcer written in golang☆13Nov 4, 2018Updated 7 years ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆349Jul 20, 2020Updated 5 years ago
- Multi Tool Subdomain Enumeration☆722Apr 11, 2021Updated 5 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Extract subdomains from SSL certificates in HTTPS sites.☆390Mar 3, 2025Updated last year
- Archaeologit scans the history of a user's GitHub repositories for a given pattern to find sensitive things.☆143Jul 2, 2018Updated 7 years ago
- Fast directory scanning and scraping tool☆633Apr 14, 2026Updated last month
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆449Sep 7, 2022Updated 3 years ago
- Powershell script to setup windows port forwarding using native netsh client☆125Aug 6, 2018Updated 7 years ago
- DNS Rebinding Exploitation Framework☆492Apr 27, 2021Updated 5 years ago
- Use ExpiredDomains.net and BlueCoat to find useful domains for red team.☆184Jun 10, 2022Updated 3 years ago