Stars
Supercharge your API testing, catch bugs, and ensure compliance
Kali Linux Fixes for Newly Imported VM's
The AEM Groovy Console provides an interface for running Groovy scripts in the AEM container. Scripts can be created to manipulate content in the JCR, call OSGi services, or execute arbitrary code …
jolokia-exploitation-toolkit
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
The world’s fastest framework for building websites.
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
Rust-based high performance domain permutation generator.
Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)
🐛 A list of writeups from the Google VRP Bug Bounty program
Script and resources to execute shell commands using access to a PostgreSQL service
A big list of Android Hackerone disclosed reports and other resources.
An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists
Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
Take a list of domains and probe for working HTTP and HTTPS servers
grep rough audit - source code auditing tool
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application