Highlights
Stars
Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.
Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Examples of using Python for Twitter social data mining, using the python-twitter-tools framework.
Gospider - Fast web spider written in Go
Integrated web scraper and email account data breach comparison tool
sirdarckcat / HTTPLeaks
Forked from cure53/HTTPLeaksHTTPLeaks - All possible ways, a website can leak HTTP requests
Building an Active Directory domain and hacking it
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
Attack and defend active directory using modern post exploitation adversary tradecraft activity
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Template-based docx report creation
Rewrite of the popular wireless network auditor, "wifite"
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
A collective list of public APIs for use in security. Contributions welcome
A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
Shared lists of problem domains people may want to block with hosts files
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Infection Monkey - An open-source adversary emulation platform
Test of asynchronous flask communication with web page.
Simple PHP webshell with a JPEG header to bypass weak image verification checks
WhiteWinterWolf's PHP web shell