Lists (32)
API
AppSec
Appsec Training
Burp Extensions
Burp Extensions Development
Cloud
Data and Crypto
Data Identification and Manipula
Defense
Design
Detection And Forensics (DFIR)
Discovery, OSINT, Fingerprinting
Exploitation
Fuzz
Hiring and Recruiting
HTTP Scanners and DAST
IoT
Learning
Machine Learning and AI
Mobile
Network Scanners
Networking and Network Scans
Passwords
Pentest/Social
Personal and Productivity
Python
Reporting and Documentation
Resources and Standards
Reverse Engineering
SAST and Secret Scanning
Utility
Wordlists and Parsing
Stars
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Python composable command line interface toolkit
The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA…
Reverse engineering and pentesting for Android applications
Scanning APK file for URIs, endpoints & secrets.
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
A pentest reporting tool written in Python. Free yourself from Microsoft Word.
An XSS exploitation command-line interface and payload generator.
a security scanner for custom LLM applications
A python script to scan for Apache Tomcat server vulnerabilities.
A library for detecting known secrets across many web frameworks
A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
The purpose of this tool is: 1. to transliterate and generate possible usernames out of a full names list that may include names written in multiple (non-English) languages, common problem occurrin…
The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility to adapt innovations, and developments in the IoT market whil…
Automated script to convert and push Burp Suite certificate in Android, and modify Android's IP table to redirect all traffic to Burp Suite.
Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs
A simple Python script that calls SSL Labs API to do SSL testings on servers and create a report in html.
A framework for the detection of COSI vulnerabilities / XS-Leaks
irsdl / dnschef_updated
Forked from iphelix/dnschefDNSChef - DNS proxy for Penetration Testers and Malware Analysts