Automatic tool using for crawling code to find low-hang fruit vulnerabilities - Based on OWASP Secure Code Review Guide
☆21Aug 31, 2020Updated 5 years ago
Alternatives and similar repositories for Code-Crawler
Users that are interested in Code-Crawler are comparing it to the libraries listed below
Sorting:
- Regex patterns for manual application source code review☆33Dec 14, 2020Updated 5 years ago
- ☆13Feb 26, 2021Updated 5 years ago
- This script searches NVD's website for new CVES, alerting you by email or telegram. You can configure a list of products that interest yo…☆11Mar 21, 2021Updated 4 years ago
- ☆11Jan 24, 2023Updated 3 years ago
- Find unicode codepoints to use in normalisation and transformation attacks.☆11Mar 15, 2021Updated 4 years ago
- References, tools and sample payloads☆11Sep 16, 2016Updated 9 years ago
- A simple script to check for insecurely exposed git repositories.☆12Mar 17, 2019Updated 6 years ago
- Microsoft give away books downloader in Linux or Windows☆13Feb 3, 2022Updated 4 years ago
- A training course on Web Security, Exploit Development and Source Code Auditing from 2009.☆12Feb 15, 2022Updated 4 years ago
- Megagrep helps beginning a code review by searching for keywords in the code using "grep". It does not search for vulnerabilities directl…☆15Aug 8, 2022Updated 3 years ago
- Wounty is a simple web enumeration script that makes use of other popular tools to automate the early stages of recognition in Bug Bounty…☆14Feb 6, 2022Updated 4 years ago
- A extension for collecting parameters☆25Oct 25, 2020Updated 5 years ago
- A tool to speed up Android pentesting by automating the APK acquisition and information gathering☆18Jul 6, 2022Updated 3 years ago
- Secrets detection based on regular expressions.☆22Apr 15, 2025Updated 10 months ago
- Small golang program for ssh brute force attacks☆11Jan 23, 2019Updated 7 years ago
- This extension provides a central location for viewing all GraphQL requests/responses within a Burp project. It provides a clean UI that …☆15Feb 24, 2022Updated 4 years ago
- gup aka Get All Urls parameters to create wordlists for brute forcing parameters.☆18Dec 4, 2021Updated 4 years ago
- My cyber security notes.☆14Feb 22, 2025Updated last year
- A set of tools, procedures, and playbooks for performing bug bounties☆17Dec 2, 2018Updated 7 years ago
- Python script to generate a malicious MP4 file and start a CherryPy web server hosting a simple HTML page with the embedded file. Exploi…☆17Dec 8, 2015Updated 10 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- sshchecker is a fast dedicated ssh brute-forcing tool to check ssh login on the giving IP list.☆22Feb 8, 2026Updated 2 weeks ago
- ☆17May 20, 2021Updated 4 years ago
- OSINT phone number check tool (Indonesia)☆17Sep 6, 2025Updated 5 months ago
- An Advanced tool to scan hundreds of IP's in Seconds for CVE's, Open Ports And Web Technologies.☆22Apr 30, 2022Updated 3 years ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- ☆20Sep 2, 2021Updated 4 years ago
- Extract domains/subdomains/FQDNs from files and URLs☆19Jun 30, 2020Updated 5 years ago
- My custom semgrep rules☆23Sep 13, 2020Updated 5 years ago
- My personal collection of resources (mostly tools and training materials) for source code security audits.☆106Aug 20, 2024Updated last year
- BugBounty , sort and delete duplicates param value without missing original value☆22Jul 31, 2021Updated 4 years ago
- A collection of everything I learn while working as a pentester, doing certifications, bug bounty hunting or playing CTFs.☆19Nov 13, 2025Updated 3 months ago
- Python script to generate a malicious MP4 file exploiting the 'stsc' vulnerability (CVE-2015-1538-1 - Google Stagefright ‘stsc’ MP4 Atom …☆22Dec 8, 2015Updated 10 years ago
- Burp Extension to identify PII data☆21Jan 29, 2021Updated 5 years ago
- This tool is useful to find a particular string in a list of URLs using tesseract's OCR (Optical Character Recognition) capabilities☆31Jan 17, 2022Updated 4 years ago
- Here are some common interview questions for an application security position you can review for your own interview, along with example a…☆31Apr 17, 2022Updated 3 years ago
- Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTI☆27Jan 6, 2021Updated 5 years ago
- ☆59Apr 8, 2021Updated 4 years ago
- HTTP fuzzer engine security oriented☆60Feb 7, 2026Updated 2 weeks ago