0xfabiof
Follow
Stars
A curated list of resources for learning web3 hacking/Security
Combined port scanning w/ Masscan's speed & Nmap's scanning features.
Short checklists for penetration testing methodology
A security focused static analysis tool for Android and Java applications.
GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
Organize your API security assessment by using MindAPI. It's free and open for community collaboration.
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
A collection of awesome one-liner scripts especially for bug bounty tips.
grep rough audit - source code auditing tool
BurpSuite Extension: A one-stop pen testing checklist and logger tool
Serverless Functions for establishing Reverse Shells to Lambda, Azure Functions, and Google Cloud Functions
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
A webpage with utility tools for huawei routers
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
A set of utilities (vmcli + vmctl) for macOS Virtualization.framework
This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate. The objective is to simplify as much as possible t…
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.