There are no reviews yet. Be the first to send feedback to the community and the maintainers!
PowerUpSQL
PowerUpSQL: A PowerShell Toolkit for Attacking SQL ServerMicroBurst
A collection of scripts for assessing Microsoft Azure securitySQLInjectionWiki
A wiki focusing on aggregating and documenting various SQL injection methodsPESecurity
PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.PowerHuntShares
PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.xssValidator
This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.NetblockTool
Find netblocks owned by a companyPowerShell
NetSPI PowerShell ScriptsESC
Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features. While ESC can be a handy SQL Client for daily tasks, it was originally designed for targeting SQL Servers during penetration tests and red team engagements. The intent of the project is to provide an .exe, but also sample files for execution through mediums like msbuild and PowerShell.WebLogicPasswordDecryptor
PowerShell script and Java code to decrypt WebLogic passwordssshkey-grab
Grab ssh keys from ssh-agentJavaSerialKiller
Burp extension to perform Java Deserialization Attacksdjango.nV
Vulnerable Django ApplicationWsdler
WSDL Parser extension for BurpSwift.nV
Security Training Tool that demonstrates common mobile application vulnerabilities using Swift in iOSaws_consoler
A utility to convert your AWS CLI credentials into AWS console access.DAFT
DAFT: Database Audit Framework & ToolkitPowershell-Modules
Burp-Extensions
Central Repo for Burp extensionsBurpCollaboratorDNSTunnel
A DNS tunnel utilizing the Burp CollaboratorBetaFast
Vulnerable thick client applications used as examples in the Introduction to Hacking Desktop Applications blog seriesBurpExtractor
A Burp extension for generic extraction and reuse of data within HTTP requests and responses.AWSSigner
Burp Extension for AWS SigningAutoDirbuster
Automatically run and save ffuf scans for multiple IPsSQLC2
SQLC2 is a PowerShell script for deploying and managing a command and control system that uses SQL Server as both the control server and the agent.PowerHunt
PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.FuncoPop
Tools for attacking Azure Function AppsMonkeyWorks
cmdsql
heapdump-ios
Dump IOS application heap space from memorySpoofSpotter
A tool to catch spoofed NBNS responses.skl
strace keylogger PoCgrails-nV
Vulnerable Grails applicationJSONBeautifier
JSON Beautifier for Burp written in Javaasa_tools
Verification tools for CVE-2016-1287MoneyX
MoneyX is an intentionally vulnerable JSP application used for training developers in application security concepts.JIG
Jira Information Gathererhttpillage
HTTPScrapers
NetSPI HTTP Scrapersbinrev
crossdomainscanner
Python tool for expired domain discovery in crossdomain.xml filesgoat.js
Tutorial for Node.js securityPS_Reflector
PS_MultiCrack
A powershell script for cracking halfLMchall password hashesPS_CC_Checker
DataLoc
Scan MSSQL databases for payment card data without relying on key wordssilkwasm
HTML Smuggling with Web AssemblyPin
Intel pin toolsruby_apk_unpack
Ruby Gem to Unpack APK(s)SVNentriesParser
A powershell script to parse SVN entries files into an HTML directory listingDekrypto
JSWS
JavaScript Web Service Proxy Burp Plugingppdecrypt
Stand alone script to decrypt GPP cpassword.TapJacking-Demo
WCF
PycroBurst
Python implementation of select MicroBurst scripts.Custom-Passive-Scanner
Define custom findings for Burp's Passive Scanner using regex.doctordocker
Docker Doctor - Automated upgrading of libraries through Docker deployments.osint_scripts
Collection of Scripts of Open Source Intelligence Gatheringnpm-deps-parser
Parses, summarizes, and prints "npm audit" json output to markdown for nVision reportsScheduled-Task
Native Binary for Creating a Scheduled Taskrails-scope
scoping gem for rails applicationCollegePresentation
edge-cases-in-web
brigade-security-scripts
Brigade scripts to perform common Kubernetes and container-level security checks triggered by events.WikiJekyllTheme
Wiki theme for various NetSPI wikisLove Open Source and this site? Check out how you can help us