Starred repositories
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections…
⚡ XSSuccessor is a powerful, asynchronous Cross-Site Scripting (XSS) detection tool.
A high-speed tool for passively gathering URLs, optimized for efficient and comprehensive web asset discovery without active scanning.
valkyrie supports you finding possibilities for local privilege escalation on linux machines.
A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.
Open Source Intelligence Interface for Deep Web Scraping
A simple tool for bypassing file upload restrictions.
Fetch all the URLs that the Wayback Machine knows about for a domain
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
I have gathered data from haveibeenpwned.com for every common PIN and how often it is used. I am sharing with you a complete wordlist sorted by the most popular PINs first. Feel free to download it…
LiteSpeed Cache Privilege Escalation PoC
Secret Magpie - Secret Detection Tool
Will attempt to retrieve DB details for FastAdmin instances
DaProfiler is an OSINT tool allowing you to collect certain information about yourself in order to rectify by rgpd requests the traces you may have left on the net. DaProfiler is indeed able to rec…
Discover hidden information on the web with "Elite Google Dorks Search by Biscuit." This collection offers smart and improved Google search queries to help you find data and vulnerabilities more ea…
Burp Plugin to Bypass WAFs through the insertion of Junk Data
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
The most powerful and modular diffusion model GUI, api and backend with a graph/nodes interface.
Burp plugin able to find reflected XSS on page in real-time while browsing on site
Search for sensitive data in Postman public library.
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a u…
Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets!
SQLI labs to test error based, Blind boolean based, Time based.
Edited SQLi Audi lab series so that it can work in kali linux with PhpVersion 7+
🌐 The Internet OS! Free, Open-Source, and Self-Hostable.