Automatic tool using for crawling code to find low-hang fruit vulnerabilities - Based on OWASP Secure Code Review Guide
☆21Aug 31, 2020Updated 5 years ago
Alternatives and similar repositories for Code-Crawler
Users that are interested in Code-Crawler are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Regex patterns for manual application source code review☆33Dec 14, 2020Updated 5 years ago
- Find unicode codepoints to use in normalisation and transformation attacks.☆11Mar 15, 2021Updated 5 years ago
- Wounty is a simple web enumeration script that makes use of other popular tools to automate the early stages of recognition in Bug Bounty…☆14Feb 6, 2022Updated 4 years ago
- A simple script to check for insecurely exposed git repositories.☆12Mar 17, 2019Updated 7 years ago
- References, tools and sample payloads☆11Sep 16, 2016Updated 9 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- This extension provides a central location for viewing all GraphQL requests/responses within a Burp project. It provides a clean UI that …☆16Feb 24, 2022Updated 4 years ago
- A tool to speed up Android pentesting by automating the APK acquisition and information gathering☆18Jul 6, 2022Updated 3 years ago
- ☆14Feb 26, 2021Updated 5 years ago
- Secrets detection based on regular expressions.☆22Apr 15, 2025Updated last year
- Megagrep helps beginning a code review by searching for keywords in the code using "grep". It does not search for vulnerabilities directl…☆14Aug 8, 2022Updated 3 years ago
- Small golang program for ssh brute force attacks☆11Jan 23, 2019Updated 7 years ago
- Microsoft give away books downloader in Linux or Windows☆13Feb 3, 2022Updated 4 years ago
- My cyber security notes.☆14Feb 22, 2025Updated last year
- A training course on Web Security, Exploit Development and Source Code Auditing from 2009.☆12Feb 15, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆11Jan 24, 2023Updated 3 years ago
- gup aka Get All Urls parameters to create wordlists for brute forcing parameters.☆18Dec 4, 2021Updated 4 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- This script searches NVD's website for new CVES, alerting you by email or telegram. You can configure a list of products that interest yo…☆11Mar 21, 2021Updated 5 years ago
- A extension for collecting parameters☆24Oct 25, 2020Updated 5 years ago
- A set of tools, procedures, and playbooks for performing bug bounties☆18Dec 2, 2018Updated 7 years ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- It's an simple django project for django beginners. It's cover all the django basic such as views, models, urls etc.☆11Oct 8, 2020Updated 5 years ago
- sshchecker is a fast dedicated ssh brute-forcing tool to check ssh login on the giving IP list.☆23Feb 8, 2026Updated 4 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- BugBounty , sort and delete duplicates param value without missing original value☆22Jul 31, 2021Updated 4 years ago
- Here are some common interview questions for an application security position you can review for your own interview, along with example a…☆32Apr 17, 2022Updated 4 years ago
- A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a la…☆143Jul 9, 2024Updated last year
- Burp Extension to identify PII data☆22Jan 29, 2021Updated 5 years ago
- An ongoing & curated collection of awesome software practices and remediation, libraries and frameworks,payloads and techniques, best gui…☆41Sep 23, 2023Updated 2 years ago
- My custom created nuclei for SQLi, bugbounty, pentesting☆28May 7, 2025Updated last year
- Code repo for the ICML 2021 paper "Making Paper Reviewing Robust to Bid Manipulation Attacks".☆10Sep 15, 2021Updated 4 years ago
- An Advanced tool to scan hundreds of IP's in Seconds for CVE's, Open Ports And Web Technologies.☆22Apr 30, 2022Updated 4 years ago
- Extract domains/subdomains/FQDNs from files and URLs☆20Jun 30, 2020Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Scripts for an upcoming blog "Extractive vs. Abstractive Summarization" for RaRe Technologies.☆13Apr 7, 2017Updated 9 years ago
- My personal collection of resources (mostly tools and training materials) for source code security audits.☆109Aug 20, 2024Updated last year
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆76Sep 2, 2022Updated 3 years ago
- ☆20Sep 2, 2021Updated 4 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆38Dec 2, 2020Updated 5 years ago
- whoareyou is a tool to find the underlying technology/software used in a list of websites passed through stdin (using Wappalyzer dataset)☆32Jun 15, 2020Updated 5 years ago
- ☆59Apr 8, 2021Updated 5 years ago