Stars
This is a set of bookmarklets I use for analyzing web applications for testing purposes.
Here are my favorite JQ scripts for analysis and web-based testing.
PoC collection of Atlassian (Jira, Confluence, Bitbucket) products and Jenkins, Solr, Nexus
A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.
This repo includes ChatGPT prompt curation to use ChatGPT and other LLM tools better.
Make websites accessible for AI agents
Docker Android - Run QEMU Android in a Docker! X11 Forwarding! CI/CD for Android!
The Template Injection Playground allows testing a large number of the most relevant template engines for template injection possibilities.
The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.
Read and write unity assets/bundle files, based on https://github.com/SeriousCache/UABE
My personal collection of resources (mostly tools and training materials) for source code security audits.
Regex patterns for manual application source code review
Welcome to the secure code review snippets for secure code review snippets! This repository aims to provide developers with valuable examples and guidance for conducting secure code reviews and wri…
CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
Obtain GraphQL API schema even if the introspection is disabled
For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)
Burp extension to import Postman collections and create Repeater tabs
A lightweight web-based Postman alternative for testing your APIs
MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
A cross-platform, efficient and practical CSV/TSV toolkit in Golang
A cross-platform command-line tool for executing jobs in parallel
A curated list of various bug bounty tools