Mostafa Mostafavi's starred repositories
ungoogled-chromium
Google Chromium, sans integration with Google
Docker-OSX
Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
source-map
Consume and generate source maps.
promon-reversal
Analysis and proof-of-concept bypass of Promon SHIELD's Android application protection
burp-extender-api
Burp Wiener API (Legacy)
burp-extensions-montoya-api
Burp Extensions Api
copy-as-node-request
Burp extension to copy a request as a node.js requests function
Remove_dup_lines
Remove dup lines is a notepad++ plugin
xsshunter-express
An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!
RAU_crypto
Telerik UI for ASP.NET AJAX File upload and .NET deserialisation exploit (CVE-2017-11317, CVE-2017-11357, CVE-2019-18935)
exploit-notes
Sticky notes for pentesting, bug bounty, CTF.
OSINT-Framework
OSINT Framework
Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
filterbypass
Browser's XSS Filter Bypass Cheat Sheet
Awesome-WAF
🔥 Web-application firewalls (WAFs) from security standpoint.
octokit.js
The all-batteries-included GitHub SDK for Browsers, Node.js, and Deno.
redis-rdb-tools
Parse Redis dump.rdb files, Analyze Memory, and Export Data to JSON
ivre
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, etc.
public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.