0xJeti

followers

following

stars

0xJeti's starred repositories

PEASS-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Language:C#NOASSERTION14720 225 177

Reverse-Engineering

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM and embedded RISC-V architectures.

Language:AssemblyApache-2.011158 2930

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Language:PythonNOASSERTION8045 216 73

LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Language:XSLTGPL-3.07044 227 99

awesome-bugbounty-tools

A curated list of various bug bounty tools

CC0-1.04179 90 15

kiterunner

Contextual Content Discovery Tool

Language:GoAGPL-3.02634 40 48

ParamSpider

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

Language:PythonMIT2500 37 97

SSRF-Testing

SSRF (Server Side Request Forgery) testing resources

Language:Python2342 73 1

31-days-of-API-Security-Tips

This challenge is Inon Shkedy's 31 days API Security Tips.

puredns

Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.

Language:GoGPL-3.01693 25 46

go-wsl2-host

Automatically update your Windows hosts file with the WSL2 VM IP address

Language:Go1652 24 70

Damn-Vulnerable-GraphQL-Application

Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.

Language:JavaScriptMIT1499 27 32

crlfuzz

A fast tool to scan CRLF vulnerability written in Go

Language:GoMIT1332 17 15

writeups

MindAPI

Organize your API security assessment by using MindAPI. It's free and open for community collaboration.

CC0-1.0822 23 3

apkurlgrep

Extract endpoints from APK files

Language:GoMIT772 18 11

dnsvalidator

Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.

Language:PythonGPL-3.0648 20 28

J2EEScan

J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.

Language:JavaGPL-2.0642 36 19

GadgetProbe

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

Language:JavaMIT585 17 1

posta

🐙 Cross-document messaging security research tool powered by https://enso.security

Language:JavaScriptMIT278 9 8

pown

Pown.js is a security testing an exploitation toolkit built on top of Node.js and NPM.

Language:JavaScriptMIT259 22 5

tipjar

json-interop-vuln-labs

Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"

Language:Python196 11 1

poc_salesforce_lightning

Academic purposes only. Attack against Salesforce lightning with guest privilege.

Language:PythonAGPL-3.0137 20

xsstools

xss development frameworks, with the goal of making payload writing easier.

Language:JavaScriptGPL-3.0134 40

dnspy

Find subdomains and takeovers.

Language:PythonMIT83 80

dooked

DNS and Target HTTP History Local Storage and Search

Language:C++GPL-3.063 6 3

AWSBurpCollaborator

Deploy a Private Burpsuite Collaborator using boto3 Python Library

Language:Python57 3 2

Huge_DIR_wordlist

dnsrebinder

Go tool to perform DNS rebinding

Language:GoMIT26 30