Automatic tool using for crawling code to find low-hang fruit vulnerabilities - Based on OWASP Secure Code Review Guide
☆21Aug 31, 2020Updated 5 years ago
Alternatives and similar repositories for Code-Crawler
Users that are interested in Code-Crawler are comparing it to the libraries listed below
Sorting:
- Regex patterns for manual application source code review☆33Dec 14, 2020Updated 5 years ago
- Find unicode codepoints to use in normalisation and transformation attacks.☆11Mar 15, 2021Updated 5 years ago
- Wounty is a simple web enumeration script that makes use of other popular tools to automate the early stages of recognition in Bug Bounty…☆14Feb 6, 2022Updated 4 years ago
- A simple script to check for insecurely exposed git repositories.☆12Mar 17, 2019Updated 7 years ago
- References, tools and sample payloads☆11Sep 16, 2016Updated 9 years ago
- ☆13Feb 26, 2021Updated 5 years ago
- This extension provides a central location for viewing all GraphQL requests/responses within a Burp project. It provides a clean UI that …☆15Feb 24, 2022Updated 4 years ago
- A tool to speed up Android pentesting by automating the APK acquisition and information gathering☆18Jul 6, 2022Updated 3 years ago
- Secrets detection based on regular expressions.☆22Apr 15, 2025Updated 11 months ago
- Small golang program for ssh brute force attacks☆11Jan 23, 2019Updated 7 years ago
- Microsoft give away books downloader in Linux or Windows☆13Feb 3, 2022Updated 4 years ago
- My cyber security notes.☆14Feb 22, 2025Updated last year
- A training course on Web Security, Exploit Development and Source Code Auditing from 2009.☆12Feb 15, 2022Updated 4 years ago
- ☆11Jan 24, 2023Updated 3 years ago
- gup aka Get All Urls parameters to create wordlists for brute forcing parameters.☆18Dec 4, 2021Updated 4 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- This script searches NVD's website for new CVES, alerting you by email or telegram. You can configure a list of products that interest yo…☆11Mar 21, 2021Updated 4 years ago
- A extension for collecting parameters☆25Oct 25, 2020Updated 5 years ago
- A set of tools, procedures, and playbooks for performing bug bounties☆17Dec 2, 2018Updated 7 years ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- It's an simple django project for django beginners. It's cover all the django basic such as views, models, urls etc.☆11Oct 8, 2020Updated 5 years ago
- CipherRun is an ethical hacking tool used to execute shellcode easily while bypassing antivirus solutions.☆11Jan 30, 2024Updated 2 years ago
- sshchecker is a fast dedicated ssh brute-forcing tool to check ssh login on the giving IP list.☆23Feb 8, 2026Updated last month
- BugBounty , sort and delete duplicates param value without missing original value☆22Jul 31, 2021Updated 4 years ago
- Here are some common interview questions for an application security position you can review for your own interview, along with example a…☆31Apr 17, 2022Updated 3 years ago
- Burp Extension to identify PII data☆21Jan 29, 2021Updated 5 years ago
- A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a la…☆142Jul 9, 2024Updated last year
- An ongoing & curated collection of awesome software practices and remediation, libraries and frameworks,payloads and techniques, best gui…☆41Sep 23, 2023Updated 2 years ago
- My custom created nuclei for SQLi, bugbounty, pentesting☆26May 7, 2025Updated 10 months ago
- Code repo for the ICML 2021 paper "Making Paper Reviewing Robust to Bid Manipulation Attacks".☆10Sep 15, 2021Updated 4 years ago
- An Advanced tool to scan hundreds of IP's in Seconds for CVE's, Open Ports And Web Technologies.☆22Apr 30, 2022Updated 3 years ago
- Python script to generate a malicious MP4 file and start a CherryPy web server hosting a simple HTML page with the embedded file. Exploi…☆17Dec 8, 2015Updated 10 years ago
- Extract domains/subdomains/FQDNs from files and URLs☆19Jun 30, 2020Updated 5 years ago
- Scripts for an upcoming blog "Extractive vs. Abstractive Summarization" for RaRe Technologies.☆13Apr 7, 2017Updated 8 years ago
- My personal collection of resources (mostly tools and training materials) for source code security audits.☆106Aug 20, 2024Updated last year
- Nitko web server scanner☆15Sep 25, 2019Updated 6 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆76Sep 2, 2022Updated 3 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆37Dec 2, 2020Updated 5 years ago
- whoareyou is a tool to find the underlying technology/software used in a list of websites passed through stdin (using Wappalyzer dataset)☆32Jun 15, 2020Updated 5 years ago