Beast code in Giters

cxosmo's starred repositories

ssrf-payload-generator

Language:Python300

wafw00f

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Language:PythonBSD-3-Clause504800

CrackQL

CrackQL is a GraphQL password brute-force and fuzzing utility.

Language:PythonBSD-3-Clause30500

EnterprisePurpleTeaming

Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.

MIT63000

PurpleSharp

PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments

Language:C#BSD-3-Clause75400

owasp-asvs-checklist

OWASP ASVS checklist for audits

MIT18100

altip

Convert an IP into Alternative / Obfuscated versions of itself

Language:GoMIT1400

CS-Situational-Awareness-BOF

Situational Awareness commands implemented using Beacon Object Files

Language:CGPL-2.0118600

testssl.sh

Testing TLS/SSL encryption anywhere on any port

Language:ShellGPL-2.0777700

rlwrap

A readline wrapper

Language:CGPL-2.0246500

Ghostwriter

The SpecterOps project management and reporting engine

Language:PythonBSD-3-Clause124200

SSRF-Testing

SSRF (Server Side Request Forgery) testing resources

Language:Python231400

Search-That-Hash

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

Language:PythonGPL-3.0123100

SSTImap

Automatic SSTI detection tool with interactive interface

Language:PythonGPL-3.071500

oauth-scan

Burp Suite Extension useful to verify OAUTHv2 and OpenID security

Language:JavaGPL-3.018300

jwt-secrets

MIT65200

semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Language:OCamlLGPL-2.11010800

sslip.io

Golang-based DNS server which maps DNS records with embedded IP addresses to those addresses.

Language:GoApache-2.057900

CrackMapExec

A swiss army knife for pentesting networks

Language:PythonBSD-2-Clause826500

clairvoyance

Obtain GraphQL API schema even if the introspection is disabled

Language:PythonApache-2.096500

fuzzuli

fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.

Language:GoMIT61300

codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

Language:CodeQLMIT736000

flare-floss

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Language:PythonApache-2.0311800

smuggler

Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3

Language:PythonMIT174100

original-publication

14100

svg-cheatsheet

A cheatsheet for exploiting server-side SVG processors.

66500

CeWL

CeWL is a Custom Word List Generator

Language:Ruby184500

homoglyph

A big list of homoglyphs and some code to detect them

Language:JavaScriptMIT51400

redirect-fuzzer

Fuzzing script for redirect URL validator

Language:Python4900

code-server

VS Code in the browser

Language:TypeScriptMIT6669100