bypass-url-parser

Send phishing messages and attachments to Microsoft Teams users

Vulnerable REST API with OWASP top 10 vulnerabilities for security testing

a security scanner for custom LLM applications

Just another Powerview alternative but on steroids

Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time threat information, gain a competitive advantage, and stay infor…

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository …

This tool is for sensitive information searching on Github - The Fast Version here: https://github.com/Hell0W0rld0/Github_Hunter_By_Golang

Create your own vulnerable by design AWS penetration testing playground

🕵️ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens, hardcoded password or related.

AWS云平台 AccessKey 泄漏利用工具

Smart context-based SSRF vulnerability scanner.

GraphQL automated security testing toolkit

Massive Mobile Security Framework

Extract Windows Wi-Fi Passwords to Remote URL

Postman OSINT tool to extract creds, token, username, email & more from Postman Public Workspaces

Script to audit GitHub Action Workflow files for potential vulnerabilities.

Collect XSS vulnerable parameters from entire domain.

The fastest Trust Layer for AI Agents

A tool to keep AWS pentests and red teams efficient, organized, and stealthy.

Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)

Automated API security testing

Modules for my C2 course students to use for their own projects.

Research on the enumeration of IAM permissions without logging to CloudTrail

Enumerate AWS cloud resources based on provided credential