Fortigate VPN-SSL Honeypot

SSH based reverse shell

the transparent ransomware claim tracker 🥷🏼🧅🖥️

A fast, simple, recursive content discovery tool written in Rust.

Easy Wordpress development with Docker and Docker Compose

nodejsscan is a static security code scanner for Node.js applications.

Incredibly fast crawler designed for OSINT.

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA…

Bruteforcing from various scanner output - Automatically attempts default creds on found services.

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

OWASP Joomla Vulnerability Scanner Project https://www.secologist.com/

Most advanced XSS scanner.

Fast subdomains enumeration tool for penetration testers

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

Project "Flashbang" - An open-source Flash-security helper

CeWL is a Custom Word List Generator

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

Application Security Verification Standard

A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.

grep rough audit - source code auditing tool

Ruby/ProgressBar is a text progress bar library for Ruby.

Rails Plugin that tracks impressions and page views

A collection of web pages vulnerable to SQL injection flaws

WordpressPingbackPortScanner

Automatic SQL injection and database takeover tool