dummy: Generator of static files for testing file upload
dummy Generator of static files for testing file upload functionality. When generating a png, as in the following screenshot, you can generate a png of a specified size. Motivation I...
Category: WebApp PenTest
VulnMapAI: Revolutionizing Vulnerability Reports with GPT-4 and Nmap
VulnMapAI VulnMapAI combines the power of Nmap’s detailed network scanning and the advanced natural language processing capabilities of GPT-4 to generate comprehensive and intelligible vulnerability reports. It aims to facilitate...
Telerecon: OSINT reconnaissance framework for researching, investigating, and scraping Telegram
Telerecon Telerecon is a comprehensive OSINT reconnaissance framework for researching, investigating, and scraping Telegram. For example: Input a target username, and Telerecon efficiently crawls across multiple chats gathering profile metadata,...
403-bypass: comprehensive suite of Bash scripts for probing 403 bypasses in web security
403-bypass Are you interested in web security and want to test your skills against potential 403 bypasses? If so, you’ve come to the right place! This project is a comprehensive...
CloakQuest3r: Uncover the true IP address of websites safeguarded by Cloudflare & Others
CloakQuest3r CloakQuest3r is a powerful Python tool meticulously crafted to uncover the true IP address of websites safeguarded by Cloudflare and other alternatives, a widely adopted web security and performance...
JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
JAW An open-source, prototype implementation of property graphs for JavaScript based on the esprima parser, and the EsTree SpiderMonkey Spec. JAW can be used for analyzing the client side of web applications and...
Subhunter: A highly efficient and powerful subdomain takeover tool
Subhunter A subdomain takeover occurs when an attacker gains control over a subdomain of a target domain. Typically, this happens when the subdomain has a canonical name (CNAME) in the...
Upload_Bypass v3.0.2-dev releases: File upload restrictions bypass
Upload_Bypass Upload_Bypass is a powerful tool designed to assist Pentesters and Bug Hunters in testing file upload mechanisms. It leverages various bug bounty techniques to simplify the process of identifying and...
hakuin: A blazing fast Blind SQL Injection optimization and automation framework
Hakuin Hakuin is a Blind SQL Injection (BSQLI) inference optimization and automation framework written in Python 3. It abstracts away the inference logic and allows users to easily and efficiently...
Egyscan v3.2 releases: The best web vulnerability scanner
Egyscan Egyscan is The Best web vulnerability scanner; it’s a multifaceted security powerhouse designed to fortify your web applications against malicious threats. EgyScan is more than just a tool; it’s the...
headerpwn: A fuzzer for analyzing how servers respond to different HTTP headers
headerpwn A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers. Install go install github.com/devanshbatham/headerpwn@v0.0.3 Use headerpwn allows you to test various headers on a target...
The Ars0n Framework: A Modern, Agile Framework for Bug Bounty Hunting on Kali Linux
The Ars0n Framework The Ars0n Framework is designed to provide aspiring Application Security Engineers with all the tools they need to leverage Bug Bounty hunting as a means to learn...
metahub v2.5 releases: open-source security tool for context-based security vulnerability management
MetaHub MetaHub is an open-source security tool for context-based security vulnerability management. It can automate the process of contextualizing and prioritizing security findings based on your environment and your needs, YOUR...
CLZero: fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors
CLZero A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors. Inspired by the tool Smuggler all attack gadgets adapted from Smuggler and https://portswigger.net/research/how-to-turn-security-research-into-profit CL.0 Identification method The first request will be the...
rayder: A lightweight tool for orchestrating and organizing your command-line workflows
rayder Rayder is a command-line tool designed to simplify the orchestration and execution of workflows. It allows you to define a series of modules in a YAML file, each consisting...
