Starred repositories
Tiny helper to protect against Prototype Pollution vulnerabilities in your application regardless if they introduced in your own code or in 3rd-party code
Prototype Pollution and useful Script Gadgets
A Security Tool for Enumerating WebSockets
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
An OOB interaction gathering server and client library
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
Testing TLS/SSL encryption anywhere on any port
A tool collection of various attacks on TLS based on TLS-Attacker
Automated script for performing Padding Oracle attacks
🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens
Deriving RSA public keys from message-signature pairs
Automated NoSQL database enumeration and web application exploitation tool.
Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)
Avalonia-based .NET Decompiler (port of ILSpy)
ShellCheck, a static analysis tool for shell scripts
Hack The Box CPTS, CWES, CDSA, CWEE, CAPE, CJCA Exam and Lab Reporting / Note-Taking Tool
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
The fastest and more comprehensive multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷
PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.