Damian89

followers

following

stars

DSecured

Deutschland

https://www.dsecured.com/

Damian Strobel's repositories

extended-ssrf-search

Smart ssrf scanner using different methods like parameter brute forcing in post and get...

Language:Python277 9 8

extended-xss-search

A better version of my xssfinder tool - scans for different types of xss on a list of urls.

Language:Python181 8 3

ffufPostprocessing

Golang tool which helps dropping the irrelevant entries from your ffuf result file.

Language:Go123 4 1

xssfinder

Toolset for detecting reflected xss in websites

Language:Python109 7 6

yataf

yataf extracts secrets and paths from files or urls - its best used against javascript files

Language:Go51 30

commonCrawlParser

Simple multi threaded tool to extract domain related data from commoncrawl.org

Language:PythonMIT30 30

simple-oob-scanner

Simple tool to test for SSRF/OOB HTTP Read within the Path of a request

Language:Python29 20

extended-baserequest-importer

Scan and import relevant requests directly to burp!

Language:Python9 3 1

ffuf

Fast web fuzzer written in Go

Language:GoMIT200

ml-seotool

Language:Python2 40

My-Shodan-Scripts

Collection of Scripts for shodan searching stuff.

Language:PythonMIT2 30

Acamar

A Python3 based single-file subdomain enumerator

Language:PythonMIT1 20

Turbolist3r

Subdomain enumeration tool with analysis features for discovered domains

Language:PythonGPL-2.01 20

altdns

Generates permutations, alterations and mutations of subdomains and then resolves them

Language:PythonApache-2.0020

amass

In-depth subdomain enumeration written in Go

Language:GoNOASSERTION020

annoy

Approximate Nearest Neighbors in C++/Python optimized for memory usage and loading/saving to disk

Language:C++Apache-2.0020

CVE-2018-2893

CVE-2018-2893

Language:Python020

eacl24-german-legal-questions

Data and code: "Answering legal questions from laymen in German civil law system", Büttner & Habernal, EACL'24

Apache-2.0000

FlagEmbedding

Dense Retrieval and Retrieval-augmented LLMs

Language:PythonMIT000

keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

020

kubernetes-cis-benchmark

A set of scripts inspired by CIS Kubernetes Benchmark that checks best-practices of Kubernetes installations

Language:ShellApache-2.0020

laravel

A PHP Framework For Web Artisans

Language:PHP020

laravel-query-detector

Laravel N+1 Query Detector

Language:PHPMIT020

numerai-sklearn-example

Sample Script for numer.ai's weekly challange - check blogpost

Language:Python020

off-by-slash

Burp extension to detect alias traversal via NGINX misconfiguration at scale.

Language:PythonMIT020

param-miner

Language:JavaNOASSERTION020

Python

Language:Jupyter Notebook000

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

Language:PHPMIT010

shelling

SHELLING - a comprehensive OS command injection payload generator

Language:Java020

Telewreck

A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248.

Language:PythonMIT020