• Stars
    star
    91
  • Rank 366,013 (Top 8 %)
  • Language
    Java
  • Created almost 8 years ago
  • Updated about 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A command-line fuzzer for the Apache JServ Protocol (ajp13)

More Repositories

1

inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
Python
1,510
star
2

electronegativity

Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.
JavaScript
953
star
3

regexploit

Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)
Python
779
star
4

awesome-electronjs-hacking

A curated list of awesome resources about Electron.js (in)security
558
star
5

burpdeveltraining

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Java
345
star
6

wsrepl

WebSocket REPL for pentesters
Python
194
star
7

Session-Hijacking-Visual-Exploitation

Session Hijacking Visual Exploitation
JavaScript
189
star
8

PESD-Exporter-Extension

PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
HTML
94
star
9

safeurl

A Server Side Request Forgery (SSRF) protection library. Made with πŸ–€ by Doyensec LLC.
Go
89
star
10

CSPTBurpExtension

CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
Java
79
star
11

Prototype-Pollution-Gadgets-Finder

Python
73
star
12

StandardizedImageProcessingTest

A test suite built with Mocha/Chai to test for behavioral differences between image libraries for the web
JavaScript
68
star
13

PoiEx

🌐 Visualize and explore IaC βœ’οΈ Create and share notes in VS Code 🀝 Sync notes and findings in real-time with friends
TypeScript
68
star
14

GQLSpection

GQLSpection - parses GraphQL introspection schema and generates possible queries
Python
64
star
15

HopperTheme

Doyensec theme for the Hopper Disassembler - chill and functional for long RE nights
55
star
16

oidc-ssrf

An Evil OIDC Server
Go
49
star
17

cloudsec-tidbits

Blogpost series showcasing interesting cloud - web app security bugs
HCL
44
star
18

confuser

Dependency Confusion Security Testing Tool
Python
39
star
19

vbox-fuzz

Companion to the "Introduction to VirtualBox security research" Blog Post
C++
29
star
20

CVE-2022-39299_PoC_Generator

A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-saml
Python
17
star
21

VSCode_PoC_Oct2019

Proof of Concept for a VSCode Python Extension Code Execution Vulnerability
Python
16
star
22

r2pickledec

Pickle decompiler plugin for Radare2
C
14
star
23

imagemagick-security-policy-evaluator

The ImageMagick Security Policy Evaluator allows developers and security experts to check if an XML Security Policy is hardened against a wide set of malicious attacks. It assists with the process of reviewing such policies, which is usually a manual task, and helps identify the best practices for ImageMagick deployments.
JavaScript
14
star
24

webext_boilerplate

Web extension boilerplate files for web application testers.
JavaScript
7
star
25

db-race-conditions-playground

Database Race Condition Playground. Made with 🧑 by Doyensec LLC.
JavaScript
6
star
26

ThereAreBugsEverywhere

Doyensec Wallpapers - ThereAreBugsEverywhere Theme
5
star
27

libajp13

AJPv1.3 Java Library
Java
4
star
28

wallet-info

A web service providing Ethereum Dapp information. Made with πŸ–€ by Doyensec LLC.
Go
4
star
29

SoloKeys-2020Q1-fw-downgrade-PoC

SoloKeys firmware downgrade proof of concept
Python
3
star
30

libressl-portable

C
1
star