securelayer7 / not-a-vuln-listLinks
Top 2025 Vulnerabilities You Shouldn’t Accept in a Pentest Report
☆13Updated 8 months ago
Alternatives and similar repositories for not-a-vuln-list
Users that are interested in not-a-vuln-list are comparing it to the libraries listed below
Sorting:
- Comprehensive AWS cloud reconnaissance and privilege escalation toolkit written in Python. Features IAM, EC2, S3, Lambda, ECS, Secrets Ma…☆44Updated 3 months ago
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Updated 9 months ago
- A tool for quickly evaluating IAM permissions in AWS.☆59Updated last year
- Additional active scan checks for BURP☆28Updated last year
- "Terrible Thick Client" is a vulnerable application developed in C# .NET framework.☆20Updated 2 years ago
- DelePwn is a security assessment tool designed to identify and demonstrate the risks associated with Google Workspace Domain-Wide Delegat…☆35Updated 2 months ago
- A python3 script searching for secret on swaggerhub☆66Updated 3 years ago
- Simple PoC for demonstrating Race Conditions on Websockets☆55Updated 2 years ago
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆125Updated last year
- External Playbooks for Public Access☆40Updated 8 months ago
- ☠️ Code for the Defcon Workshop☆23Updated last year
- Exploit for Symfony CVE-2024-50340 (forked eos)☆29Updated 11 months ago
- My Offensive Security OSWA certification experience and my personal opinion what helps in preparation for the exam☆41Updated 2 years ago
- Advanced test for proxy & waf☆13Updated last month
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆20Updated last year
- ☆19Updated 2 years ago
- ☆27Updated 2 years ago
- Converting your Burp Suite projects into JSON APIs which can be viewed with Swagger editor or imported into Postman.☆70Updated 10 months ago
- Information Security Information From Web☆28Updated 2 months ago
- ☆54Updated 9 months ago
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆40Updated 3 years ago
- ☆43Updated 5 months ago
- A stealthy reverse shell built with native PowerShell and Server-Sent Events (SSE). No polling. No sockets. Just pure HTTP and real-time …☆20Updated 6 months ago
- Use the GCP testIamPermissions functionality to bruteforce and discover your permissions☆41Updated 4 months ago
- ☆15Updated 11 months ago
- Burp Suite Extension for inserting a magic byte into responder's request☆24Updated 2 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Updated last year
- ☆55Updated last year
- ☆87Updated last week
- TruffleHog Explorer, a user-friendly web-based tool to visualize and analyze data extracted using TruffleHog.☆48Updated 9 months ago