alexlauerman

followers

following

stars

TrustFoundry

Kansas City, USA

https://trustfoundry.net

Alex Lauerman's repositories

UpdateToken

Burp extension to use updated token values, such as a bearer token

Language:Java22 3 2

ms10-070CheckPatch

Check for .net padding oracle patch

Language:Python19 20

IncrementMePlease

Burp extension to increment a parameter in each active scan request

Language:JavaApache-2.011 2 2

BurpExtensions

A list of burp extensions, although this has fallen very out of date.

MIT1000

EmptyBurpExtension

Example Burp extension to help get IntelliJ IDEA setup for Burp extension development

Language:Java7 20

AndroidSourceScout

Android Security Static Analysis Tool for Android Studio

Language:Java3 20

Scanners-Box

The toolbox of open source scanners(a.k.a scanbox) - 安全行业从业者自研开源扫描器合辑

300

begin-personal-website

Begin app

Language:JavaScriptApache-2.0100

burp-suite-software-version-checks

Burp extension to passively scan for applications revealing software version numbers

Language:Java1 20

fridump

A universal memory dumper using Frida

Language:Python1 20

GitTools

A repository with 3 tools for pwn'ing websites with .git repositories available

Language:ShellMIT1 20

IIS-ShortName-Scanner

latest version of scanners for IIS short filename (8.3) disclosure vulnerability

Language:Java1 10

lair

Lair is a reactive attack collaboration framework and web application built with meteor.

Language:JavaScriptMIT1 20

Lair-Browser-Scripts

Collection of small JavaScript functions and scripts that can be used in the browser to interact with Lair

Language:JavaScriptMIT1 20

mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Language:PythonMIT100

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Language:PythonMIT1 10

phishery

An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector

Language:GoMIT1 10

public-pentesting-reports

Curated list of public penetration test reports released by several consulting firms and academic security groups

Language:CSS1 10

retire.js

scanner detecting the use of JavaScript libraries with known vulnerabilities

Language:RoffNOASSERTION100

scripts

Various Small Scripts

Language:Python1 10

SecLists

SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

Language:Roff1 10

ssh-phone-home

Pentest dropbox setup scripts for Kali Linux

Language:ShellGPL-2.01 20

the-backdoor-factory

Patch PE, ELF, Mach-O binaries with shellcode

Language:PythonBSD-3-Clause1 10

community-scripts

A collection of ZAP scripts provided by the community - pull requests very welcome!

Language:JavaScript020

fuzz.txt

Potentially dangerous files

020

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

NOASSERTION000

home-assistant.io

:blue_book: Home Assistant User documentation

Language:HTMLNOASSERTION010

kc-infosec

KC Infosec

010

recon-dradis

Language:PythonGPL-3.0020

ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Language:JavaMIT010