doyensec/imagemagick-security-policy-evaluator

Stars
14
Rank 1,429,993 (Top 29 %)
Language
JavaScript
Created about 2 years ago
Updated over 1 year ago

doyensec/imagemagick-security-policy-evaluator

doyensec

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

The ImageMagick Security Policy Evaluator allows developers and security experts to check if an XML Security Policy is hardened against a wide set of malicious attacks. It assists with the process of reviewing such policies, which is usually a manual task, and helps identify the best practices for ImageMagick deployments.

inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

electronegativity

Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.

regexploit

Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)

awesome-electronjs-hacking

A curated list of awesome resources about Electron.js (in)security

burpdeveltraining

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

wsrepl

WebSocket REPL for pentesters

Session-Hijacking-Visual-Exploitation

Session Hijacking Visual Exploitation

PESD-Exporter-Extension

PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams

ajpfuzzer

A command-line fuzzer for the Apache JServ Protocol (ajp13)

safeurl

A Server Side Request Forgery (SSRF) protection library. Made with 🖤 by Doyensec LLC.

CSPTBurpExtension

CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.

Prototype-Pollution-Gadgets-Finder

StandardizedImageProcessingTest

A test suite built with Mocha/Chai to test for behavioral differences between image libraries for the web

PoiEx

🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends

GQLSpection

GQLSpection - parses GraphQL introspection schema and generates possible queries

HopperTheme

Doyensec theme for the Hopper Disassembler - chill and functional for long RE nights

oidc-ssrf

An Evil OIDC Server

cloudsec-tidbits

Blogpost series showcasing interesting cloud - web app security bugs

confuser

Dependency Confusion Security Testing Tool

vbox-fuzz

Companion to the "Introduction to VirtualBox security research" Blog Post

CVE-2022-39299_PoC_Generator

A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-saml

VSCode_PoC_Oct2019

Proof of Concept for a VSCode Python Extension Code Execution Vulnerability

r2pickledec

Pickle decompiler plugin for Radare2

electronegativity-action

The action integrates Electronegativity, a tool to identify misconfigurations and security anti-patterns in Electron applications, into GitHub CI/CD.

webext_boilerplate

Web extension boilerplate files for web application testers.

db-race-conditions-playground

Database Race Condition Playground. Made with 🧡 by Doyensec LLC.

ThereAreBugsEverywhere

Doyensec Wallpapers - ThereAreBugsEverywhere Theme

libajp13

AJPv1.3 Java Library

wallet-info

A web service providing Ethereum Dapp information. Made with 🖤 by Doyensec LLC.

SoloKeys-2020Q1-fw-downgrade-PoC

SoloKeys firmware downgrade proof of concept

libressl-portable