A burp-suite plugin that extract all parameters name from in-scope requests.
You can run the plugin while you are working on the target application and it will log all the extracted parameters in the plugin tab. Then you can export the result to a file and use that file with other parameter discovery tools.
MayorSecDNSScan MSDNSScan is used to identify DNS records for target domains and check for zone transfers. There really isn't much special about it, a
Hive Burp Suite Extension Description Hive extension for Burp Suite. This extension allows you to send data from Burp to Hive in one click. Create iss
PWInput A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask. Installatio
Easy to setup customizable honeypots for monitoring network traffic, bots activities and username\password credentials. The current available honeypot
log4jShell Scanner This shell script scans a vulnerable web application that is using a version of apache-log4j 2.15.0. This application is a static
What is Buff? A simple BOF library I wrote under an hour to help me automate with BOF attack. It comes with fuzzer and a generic method to generate ex
Tracey-Backdoor A Reverse Shell Backdoor made in python OOP. It supposed to work in Windows and Linux OS Functions: Reverse Connection Send Reverse TC
👋 It's in beta, I'm still building How to install Linux and Termux: Clone Rp: git clone https://github.com/J4c5/superfish.git Install the dependencie
DeadDNS Multi-threaded DNS hijacking via dead records automation tool How it works 1) Dig provided subdomains file for dead DNS records. 2) Dig the fo
Fly Dev Tunnel Developers commonly use apps like ngrok, localtunnel, or cloudflared to expose a local web service at a publicly-accessible URL. This i
CVE-2021-45232-RCE CVE-2021-45232-RCE-多线程批量漏洞检测 FOFA 查询 title="Apache APISIX Das
This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information
naabu2nmap 对naabu的端口扫描结果,调用nmap进行指纹识别
The base is a DynamicContainer to autoconfigure services using the decorators @services for regular services and @command_handler for using command pattern.
ParamsExtractor A burp-suite plugin that extract all parameters name from in-scope requests. You can run the plugin while you are working on the targe
BF-Hash Herramienta para descifrar hashes por fuerza bruta Instalación git clone
A security linter from PyCQA Free software: Apache license Documentation: https://bandit.readthedocs.io/en/latest/ Source: https://github.com/PyCQA/ba
CSPass This tool allows to automatically test for Content Security Policy bypass payloads. Usage [cspass]$ ./cspass.py -h usage: cspass.py [-h] [--no-
Vital What is Vital? Vital is malware primarily used to collect and extract information from the Discord desktop client. While it has other features (
passwnd Check for breached passwords with k-anonymity Usage To get prompted to enter the password securely, simply run: passwnd.py Alternatively, you
68 Dec 12, 2022
7 Dec 07, 2022
26 Sep 04, 2022
259 Dec 31, 2022
8 Oct 20, 2022
3 Nov 21, 2022
13 Oct 15, 2022
4 Jan 27, 2022
45 Dec 20, 2022
170 Dec 11, 2022
36 Sep 21, 2022
66 Nov 08, 2022
12 Nov 22, 2022
2 Jan 17, 2022
5 Apr 09, 2022
4.8k Dec 31, 2022
30 Nov 22, 2022
59 Dec 01, 2022
1 Feb 08, 2022