dsm

Elite
@0xdsm

unintentional software vulnerability stumbler

Pinkerton. 🕵️ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens, hardcoded credentials, etc.

440

juumla. 🦁 Python project to identify and scan for vulnerabilities related to the Joomla CMS project. It scans for common misconfigurations and public vulnerabilities.

177

Apepe. 📲 Apepe is a project developed to help to capture informations from a Android app through his APK file. It can be used to extract the content, get app settings, suggest SSL Pinning bypass based on the app detected language, extract deeplinks from AndroidManifest.xml, JSONs and DEX files.

154

tomcter. 😹 Python project to bruteforce Apache Tomcat manager login with known-default credentials

97

Ozzy. [abandoned] 👁 Ozzy is a dark omnipotent theme for IDA, Git Bash, Sublime, Visual Studio Code etc...

30

WSOB. 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.

28

Discor. [abandoned] ⚡ Discor is a Node.js tool created to help people which wants to create Discord bots more fast.

21

pwnfaces. exploit for CVE-2017-1000486 vulnerability with SOCKS proxy support

19

extensions-wordlist. 🔍 Improve your files enumeration with specific extensions!

18

dbf. [abandoned] 🔥 DBF or Don't be Fired is a Visual Studio Code extension which send message boxes to remind you to avoid common mistakes

14

saasy. discover third-party services from companies

12

blobber. 🔵 Blobber is a tool focused on enumerating files stored in an Azure Blob Storage Service with anonymous access enabled.

8

OAO. ⚙️ Operating Account Operators (OAO) is a Golang tool to interact with the LDAP protocol to manage account groups, roles, ACLs/ACEs, etc...

7

hexodus. enumerate and attack Active Directory through protocols

6

slides.

5

doom. Enumerate ADCS certificate templates to identify security risks

3

hackthebox. Notes Taken for HTB Machines & InfoSec Community.

3

AllAboutBugBounty. All about bug bounty (bypasses, payloads, and etc)

2

aglpi. 🖥️ Extract GLPI instance information through telemetry function

1

gitter-rust. Learning Rust - Project (1)

1

Priv2Admin. Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

1

Pentest-Tools.

1

git-dumper. A tool to dump a git repository from a website

1

zobbix. 🐍 Zabbix 4.2 Auth Bypass

1

wappalyzer-extension-dos. Load 6500+ technologies in one-shot and "crash" Wappalyzer

1
25
Apply