Splint3r7
Follow
Stars
A simple threading-based tool to find reflection in parameters of multiple URLs for cross-site scripting identification.
Hunt SSL Certificates for interesting keywords on major cloud service providers / internet
The smart contract security training ground for developers, security researchers and educators.
Zero shot vulnerability discovery using LLMs
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets!
This repository contains information on the CVEs I found.
PowerShell Remote Download Cradle Generator & Obfuscator
A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
Email enumerator, username generator, and context validator for hunter.io, snov.io, and skrapp.io
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Fetch information about a public Google document.
Updated Exploit - pfBlockerNG <= 2.1.4_26 Unauth RCE (CVE-2022-31814)
OpenVPN server installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS, Fedora, openSUSE, Amazon Linux 2 and Raspberry Pi OS
Pre-Built Vulnerable Environments Based on Docker-Compose
A vulnerability scanner for container images and filesystems
Android in docker solution with noVNC supported and video recording
This script uses subfinder, findomain, assetfinder, amass, httpx, and nmap to enumerate subdomains, check for live domains, and check for open ports.
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,
An intentionally vulnerable Javascript app containing notable vulnerabilities in its dependencies.
Property based testing framework for JavaScript (like QuickCheck) written in TypeScript
SonarQube plugin for identifying hardcoded secrets, such as passwords, API keys, AWS credentials, etc..
Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)
快速搭建各种漏洞环境(Various vulnerability environment)