A list of threat sinks used in the manual security source code review for application security
☆76May 9, 2023Updated 3 years ago
Alternatives and similar repositories for CodeAllTheThings
Users that are interested in CodeAllTheThings are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- PoC + vulnerability details for CVE-2022-25262 / JetBrains Hub single-click SAML response takeover☆17Jul 5, 2022Updated 4 years ago
- A cheatsheet for exploiting server-side SVG rasterization.☆30Jul 5, 2022Updated 4 years ago
- Regex patterns for manual application source code review☆34Dec 14, 2020Updated 5 years ago
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆11Aug 18, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- bug bounty automation☆14Jul 2, 2021Updated 5 years ago
- PoC for CVE-2022-24342: account takeover via CSRF in GitHub authentication☆37Jul 5, 2022Updated 4 years ago
- Hidden parameters discovery suite☆225Nov 14, 2022Updated 3 years ago
- ☆23Jun 30, 2021Updated 5 years ago
- Some Tutorials and Things to Help Bug Hunter☆31Mar 17, 2021Updated 5 years ago
- Megagrep helps beginning a code review by searching for keywords in the code using "grep". It does not search for vulnerabilities directl…☆14Aug 8, 2022Updated 3 years ago
- It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.☆60Mar 2, 2022Updated 4 years ago
- gSAST - Grep Static Analysis Security Tool☆13Mar 30, 2024Updated 2 years ago
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆68Apr 12, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- The ImageMagick Security Policy Evaluator allows developers and security experts to check if an XML Security Policy is hardened against a…☆19Feb 6, 2023Updated 3 years ago
- CVE-2024-30056 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability☆17May 27, 2024Updated 2 years ago
- Learn what is NoSQL injection and how to find them ?☆10Jul 22, 2021Updated 4 years ago
- Automatic tool using for crawling code to find low-hang fruit vulnerabilities - Based on OWASP Secure Code Review Guide☆21Aug 31, 2020Updated 5 years ago
- ☆18Oct 4, 2021Updated 4 years ago
- Advanced external automation on bug bounty programs by running the best set of tools to perform scanning and finding out vulnerabilities.☆106Jun 28, 2022Updated 4 years ago
- TProx is a fast reverse proxy path traversal detector and directory bruteforcer.☆30Sep 16, 2021Updated 4 years ago
- Converts exported results of CAPA tool from .json format to another formats supporting by different tools.☆22Feb 15, 2022Updated 4 years ago
- Here are some common interview questions for an application security position you can review for your own interview, along with example a…☆32Apr 17, 2022Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Automatically exported from code.google.com/p/ra2-dom-xss-scanner☆28Jan 4, 2016Updated 10 years ago
- ScriptKKiddie's WebAppSec Testing or Web Application Security Testing based on OWASP is a repository that contains useful resources, & st…☆16Aug 19, 2021Updated 4 years ago
- A basic golang server/client for distributing tasks over multiple systems.☆39Jul 20, 2020Updated 5 years ago
- TapJacking Attacks Demo☆20Apr 25, 2021Updated 5 years ago
- Signatures for jaeles scanner by @j3ssie☆117Apr 20, 2024Updated 2 years ago
- Install Burpsuite pro in Linux OS☆17Mar 24, 2024Updated 2 years ago
- Semgrep rules to identify GWT attack surface☆12Apr 28, 2022Updated 4 years ago
- Easily schedule commands to run multiple times at set intervals (like a cronjob, but with one command)☆85Apr 5, 2021Updated 5 years ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Performing automated scan using Burp Suite Pro & Vmware Burp Rest API☆55Sep 30, 2022Updated 3 years ago
- Burp-Addons : Some of Burp Addons I use ( Mindak ak fahem )☆11Sep 1, 2022Updated 3 years ago
- Automated blind-xss search for Burp Suite☆23Mar 28, 2022Updated 4 years ago
- A CLI tool to extract, analyze, and filter JavaScript links from web pages or URLs, with regex matching and structured JSON output.☆19Jan 6, 2025Updated last year
- Modified Nuclei Templates Version to FUZZ Host Header☆52Jan 11, 2022Updated 4 years ago
- Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common m…☆77Mar 22, 2024Updated 2 years ago
- Useful "Match and Replace" burpsuite rules☆373Sep 26, 2023Updated 2 years ago