Lists (32)
API
AppSec
Appsec Training
Burp Extensions
Burp Extensions Development
Cloud
Data and Crypto
Data Identification and Manipula
Defense
Design
Detection And Forensics (DFIR)
Discovery, OSINT, Fingerprinting
Exploitation
Fuzz
Hiring and Recruiting
HTTP Scanners and DAST
IoT
Learning
Machine Learning and AI
Mobile
Network Scanners
Networking and Network Scans
Passwords
Pentest/Social
Personal and Productivity
Python
Reporting and Documentation
Resources and Standards
Reverse Engineering
SAST and Secret Scanning
Utility
Wordlists and Parsing
Stars
blint is a Binary Linter that checks the security properties and capabilities of your executables. It can also generate a Software Bill-of-Materials (SBOM) for supported binaries.
This project aims to maintain Wappalyzer technologies
Wrapper to inject an Objection/Frida gadget into an APK, with support for app bundles/split APKs.
A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
A Security Tool for Enumerating WebSockets
Fast and customizable vulnerability scanner For JIRA written in Python
🧠 LLMFuzzer - Fuzzing Framework for Large Language Models 🧠 LLMFuzzer is the first open-source fuzzing framework specifically designed for Large Language Models (LLMs), especially for their integra…
Proof of Concept of Sweyntooth Bluetooth Low Energy (BLE) vulnerabilities.
Scan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files. (.apk, .xapk, .dex, .jar, .class, .smali, .zip, .aar, .arsc, .aab, .jadx.kts).
Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used to setup Dynamic Application Security Testing (DAST).
Find authentication (authn) and authorization (authz) security bugs in web application routes.
Detection script for the ROBOT vulnerability
Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot
A source code static analysis platform for AppSec enthusiasts.
Test Software for the Characterization of AI Technologies
Dropbox LLM Security research code and results
A tool to inspect and attack version 1 GUIDs
The scripts helps security analsts to identify misconfigured firebase instances.
🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️
Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡
A research project to add some brrrrrr to Burp