This is your work, valued
http-script-generator. ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
302burp-retire-js. Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
214find-sec-bugs. The FindBugs plugin for security audits of Java web applications and Android applications. (Also work with Scala and Groovy projects)
21rtmfp-api. Provide an easy API for rtmfp capabilities from Flash for Javascript applications.
18waf-workshop. Python
17rhinauditor. Static analyzer for JavaScript aiming for security bugs. (ZAP/Burp plugin)
17burp-image-metadata. Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).
16bandlogos. BandLogos is a simple application that generate a banner of logos based on your last.fm statistics. At its peak, it had over 100k users.
16montreal_isp. Utility tool to compare Internet plans for Montreal.
12java-vulnerable-webapp. Intentionally vulnerable application 💥
5struts-csrf-cracker. Proof of concept code to predict Struts2 CSRF Token < 2.3.20
4awesome-static-analysis. A curated list of static analysis tools, linters and code quality checkers for various programming languages
3HUNT. Python
2tachyon. Fast Multi-Threaded Web Discovery Tool
2webshell. This is a webshell open source project
2fxcop-security-guard. FxCop rules that aim to help security audit on .NET applications.
1Spaghetti. Spaghetti - Web Application Security Scanner
1J2EEScan. J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
1tastybits. Reverse engineering standardized barcodes on restaurant bills
1montrehack-2013-03. Épreuves de crypto présentées au Hackfest 2012 et au MontreHack
1victims-enforcer. A rule for the Maven enforcer plugin to check for vulnerable artifacts within a project.
1