303sec's repositories
InfoSec-Learning-Materials
Resource for developing infosec skills for OSCP
blind_chess
Converting PGNs to more Natural Language for TTS generation
cookie-session
Simple cookie-based session middleware
303sec.github.io
Public Blog
django-DefectDojo
DefectDojo is a DevSecOps and vulnerability management tool.
EuroPi
EuroPi: A reprogrammable Eurorack module based on the Raspberry Pi Pico
exclude-cdn
Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin
log4shell-everywhere
A Burp Suite extension which augments your proxy traffic by injecting log4shell payloads into headers
public-bugbounty-programs
Community curated list of public bug bounty and responsible disclosure programs.
rengine
reNgine is a reconnaissance engine(framework) that does end-to-end reconnaissance with the help of highly configurable scan engines and does information gathering about the target web application. reNgine makes use of various open-source tools and makes a configurable pipeline of reconnaissance.
add-custom-header
A Burp Suite extension to add a custom header (e.g. JWT)
python-redir-server
Simple redirection python server for SSRF
scripts
various scripts
gf
A wrapper around grep, to help you grep for things
git-fingerprint
Enumerate information from a target using git
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Firefox-Session-Header
A Firefox plugin to add an HTTP header detailing the session container in use with a web request.
rapid7sub
Subdomain enumeration with Rapid7 FDNS using AWS Athena&S3
How-to-get-a-job-in-Pentesting
Notes from a talk at BSides Glasgow 2018
Keye
Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a list of urls, it will make a request to these urls and it will try to detect changes on these urls based on their Content-Length.
CVE-2019-0708
POC for CVE-2019-0708
markdown-cheatsheet
Markdown Cheatsheet for Github Readme.md
truffleHog
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
doxycannon
A poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy
BuildParser
Not useful to the outside world. Makes a script's output much more helpful.