unintentional software vulnerability stumbler
Pinkerton. 🕵️ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens, hardcoded credentials, etc.
440juumla. 🦁 Python project to identify and scan for vulnerabilities related to the Joomla CMS project. It scans for common misconfigurations and public vulnerabilities.
177Apepe. 📲 Apepe is a project developed to help to capture informations from a Android app through his APK file. It can be used to extract the content, get app settings, suggest SSL Pinning bypass based on the app detected language, extract deeplinks from AndroidManifest.xml, JSONs and DEX files.
154tomcter. 😹 Python project to bruteforce Apache Tomcat manager login with known-default credentials
97Ozzy. [abandoned] 👁 Ozzy is a dark omnipotent theme for IDA, Git Bash, Sublime, Visual Studio Code etc...
30WSOB. 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.
28Discor. [abandoned] ⚡ Discor is a Node.js tool created to help people which wants to create Discord bots more fast.
21pwnfaces. exploit for CVE-2017-1000486 vulnerability with SOCKS proxy support
19extensions-wordlist. 🔍 Improve your files enumeration with specific extensions!
18dbf. [abandoned] 🔥 DBF or Don't be Fired is a Visual Studio Code extension which send message boxes to remind you to avoid common mistakes
14saasy. discover third-party services from companies
12blobber. 🔵 Blobber is a tool focused on enumerating files stored in an Azure Blob Storage Service with anonymous access enabled.
8OAO. ⚙️ Operating Account Operators (OAO) is a Golang tool to interact with the LDAP protocol to manage account groups, roles, ACLs/ACEs, etc...
7hexodus. enumerate and attack Active Directory through protocols
6slides.
5doom. Enumerate ADCS certificate templates to identify security risks
3hackthebox. Notes Taken for HTB Machines & InfoSec Community.
3AllAboutBugBounty. All about bug bounty (bypasses, payloads, and etc)
2aglpi. 🖥️ Extract GLPI instance information through telemetry function
1gitter-rust. Learning Rust - Project (1)
1Priv2Admin. Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
1Pentest-Tools.
1git-dumper. A tool to dump a git repository from a website
1zobbix. 🐍 Zabbix 4.2 Auth Bypass
1wappalyzer-extension-dos. Load 6500+ technologies in one-shot and "crash" Wappalyzer
1