JfsConstraint solver based on coverage-guided fuzzing
Stars: ✭ 215 (-92.26%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-92.84%)
MemjectSimple Dll injector loading from memory. Supports PE header and entry point erasure. Written in C99.
Stars: ✭ 176 (-93.67%)
XrcrossXRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Stars: ✭ 175 (-93.7%)
Fast CheckProperty based testing framework for JavaScript (like QuickCheck) written in TypeScript
Stars: ✭ 2,604 (-6.3%)
DnsprobeDNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.
Stars: ✭ 221 (-92.05%)
SlicerA tool to automate the boring process of APK recon
Stars: ✭ 199 (-92.84%)
Pythonfuzzcoverage guided fuzz testing for python
Stars: ✭ 175 (-93.7%)
Jwt Hack🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)
Stars: ✭ 172 (-93.81%)
TuktukTool for catching and logging different types of requests.
Stars: ✭ 174 (-93.74%)
Hiddeneye LegacyModern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services [ Android-Support-Available ]
Stars: ✭ 2,568 (-7.59%)
BasecrackDecode All Bases - Base Scheme Decoder
Stars: ✭ 196 (-92.95%)
KillchainA unified console to perform the "kill chain" stages of attacks.
Stars: ✭ 172 (-93.81%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (-16.8%)
Honggfuzz RsFuzz your Rust code with Google-developed Honggfuzz !
Stars: ✭ 222 (-92.01%)
Bobby Tablesbobby-tables.com, the site for preventing SQL injections
Stars: ✭ 220 (-92.08%)
Inject Some SqlHave fun injecting SQL into a Ruby on Rails application!
Stars: ✭ 211 (-92.41%)
HowtohuntTutorials and Things to Do while Hunting Vulnerability.
Stars: ✭ 2,996 (+7.81%)
KleeflSeeding fuzzers with symbolic execution
Stars: ✭ 172 (-93.81%)
Url TrackerChange monitoring app that checks the content of web pages in different periods.
Stars: ✭ 171 (-93.85%)
HttpcanaryA powerful capture and injection tool for the Android platform
Stars: ✭ 2,188 (-21.27%)
Tools TbhmTools of "The Bug Hunters Methodology V2 by @jhaddix"
Stars: ✭ 171 (-93.85%)
Mandibulelinux elf injector for x86 x86_64 arm arm64
Stars: ✭ 171 (-93.85%)
RapidRapid is a Go library for property-based testing that supports state machine ("stateful" or "model-based") testing and fully automatic test case minimization ("shrinking")
Stars: ✭ 213 (-92.34%)
Headless BurpAutomate security tests using Burp Suite.
Stars: ✭ 192 (-93.09%)
DiffaiA certifiable defense against adversarial examples by training neural networks to be provably robust
Stars: ✭ 171 (-93.85%)
MobilehackersweaponsMobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
Stars: ✭ 170 (-93.88%)
CamerattackAn attack tool designed to remotely disable CCTV camera streams (like in spy movies)
Stars: ✭ 192 (-93.09%)
TsyringeLightweight dependency injection container for JavaScript/TypeScript
Stars: ✭ 2,761 (-0.65%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (-93.92%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-93.06%)
Bountystrike ShPoor (rich?) man's bug bounty pipeline
Stars: ✭ 168 (-93.95%)
FuzzfactoryDomain-Specific Fuzzing with Waypoints
Stars: ✭ 167 (-93.99%)
Javafuzzcoverage guided fuzz testing for java
Stars: ✭ 193 (-93.06%)
MorphAn open source fuzzing framework for fun.
Stars: ✭ 166 (-94.03%)
FuzzinatorFuzzinator Random Testing Framework
Stars: ✭ 164 (-94.1%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (-92.37%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (-93.16%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-94.13%)
GrammarinatorANTLR v4 grammar-based test generator
Stars: ✭ 162 (-94.17%)
Off By SlashBurp extension to detect alias traversal via NGINX misconfiguration at scale.
Stars: ✭ 192 (-93.09%)
Trophy Case🏆 Collection of bugs uncovered by fuzzing Rust code
Stars: ✭ 225 (-91.9%)
SitedorksSearch Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.
Stars: ✭ 221 (-92.05%)
FuzzitCLI to integrate continuous fuzzing with Fuzzit
Stars: ✭ 220 (-92.08%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-93.16%)
WascanWAScan - Web Application Scanner
Stars: ✭ 1,895 (-31.81%)
Jira ScanCVE-2017-9506 - SSRF
Stars: ✭ 159 (-94.28%)
InjectioniiiRe-write of Injection for Xcode in (mostly) Swift
Stars: ✭ 2,680 (-3.56%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+340.66%)
Can I Take Over Xyz"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Stars: ✭ 2,808 (+1.04%)
3klconAutomation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
Stars: ✭ 189 (-93.2%)