by do son · Published December 12, 2020 · Last modified September 19, 2023
MOSINT MOSINT is an OSINT Tool for emails. It helps you gather information about the target email. Features: Email validation Check social accounts with Socialscan and Holehe Check data breaches and password leaks Find...
sslscan tests SSL/TLS-enabled services to discover supported cipher suites. This is a fork of ioerror’s version of sslscan. Changes are as follows: Highlight SSLv2 and SSLv3 ciphers in output. Highlight CBC ciphers on SSLv3 (POODLE). Highlight 3DES...
What is Akto? Akto is an instant, open source API security platform that takes only 60 secs to get started. Akto is used by security teams to maintain a continuous inventory of APIs, test...
Programming / Web Vulnerability Analysis
by do son · Published June 17, 2020 · Last modified September 18, 2023
Semgrep Semgrep is a command-line tool for offline static analysis. Use pre-built or custom rules to enforce code and security standards in your codebase. You can try it now with our interactive live editor. Semgrep combines the...
Web Exploitation / Web Vulnerability Analysis
by do son · Published May 6, 2021 · Last modified September 18, 2023
interactsh Interactsh is an Open-Source Solution for Out of band Data Extraction, A tool designed to detect bugs that cause external interactions, For example – Blind SQLi, Blind CMDi, SSRF, etc. Features DNS/HTTP/SMTP Interaction support...
The OWASP Zed Attack Proxy (ZAP) is easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security...
OWASP VulnerableApp As Web Applications are becoming popular these days, there comes a dire need to secure them. Although there are several Vulnerability Scanning Tools, however, while developing these tools, developers need to test...
by do son · Published September 14, 2021 · Last modified September 17, 2023
DongTai DongTai IAST is an open-source passive interactive security testing (IAST) product. It uses dynamic hooks and taint tracking algorithms to achieve universal vulnerability detection and multiples request associated with vulnerability detection (including but not limited to...
OWASP WrongSecrets Welcome to the OWASP WrongSecrets p0wnable app. With this app, we have packed various ways of how to not store your secrets. These can help you to realize whether your secret management...
WAF Bypass Tool WAF bypass Tool is an open-source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker...
