securelayer7 / not-a-vuln-listLinks
Top 2025 Vulnerabilities You Shouldn’t Accept in a Pentest Report
☆13Updated 5 months ago
Alternatives and similar repositories for not-a-vuln-list
Users that are interested in not-a-vuln-list are comparing it to the libraries listed below
Sorting:
- Comprehensive AWS cloud reconnaissance and privilege escalation toolkit written in Python. Features IAM, EC2, S3, Lambda, ECS, Secrets Ma…☆42Updated 3 weeks ago
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Updated 6 months ago
- ☆27Updated 2 years ago
- Simple PoC for demonstrating Race Conditions on Websockets☆55Updated last year
- A tool for quickly evaluating IAM permissions in AWS.☆57Updated last year
- Additional active scan checks for BURP☆28Updated 10 months ago
- Exploit for Symfony CVE-2024-50340 (forked eos)☆30Updated 8 months ago
- ☆19Updated last year
- A python3 script searching for secret on swaggerhub☆67Updated 3 years ago
- This repository has workflows created for https://github.com/RikunjSindhwad/Task-Ninja☆23Updated 11 months ago
- Advanced test for proxy & waf☆13Updated 10 months ago
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆40Updated 3 years ago
- ☠️ Code for the Defcon Workshop☆23Updated 11 months ago
- ☆28Updated 10 months ago
- A steampipe plugin to query projectdiscovery.io tools.☆27Updated last year
- ☆46Updated 4 months ago
- ☆43Updated 3 months ago
- DelePwn is a security assessment tool designed to identify and demonstrate the risks associated with Google Workspace Domain-Wide Delegat…☆33Updated 2 months ago
- "Terrible Thick Client" is a vulnerable application developed in C# .NET framework.☆20Updated 2 years ago
- Tool for scanning domains for .git directories.☆16Updated last year
- Use the GCP testIamPermissions functionality to bruteforce and discover your permissions☆38Updated last month
- ☆71Updated 3 months ago
- SSLPinDetect is a tool for analyzing Android APKs to detect SSL pinning implementations by scanning for known patterns in decompiled code…☆25Updated 4 months ago
- My Offensive Security OSWA certification experience and my personal opinion what helps in preparation for the exam☆39Updated 2 years ago
- Tips, Tricks, and Scripts for Linux Post Exploitation☆38Updated 2 years ago
- ☆36Updated last month
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆20Updated 11 months ago
- Unicode Security Toolkit☆37Updated 9 months ago
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆128Updated 3 years ago
- AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration test…☆33Updated last year