Doyensec

Doyensec's repositories

inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

Language:KotlinApache-2.01693 25 132

electronegativity

Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.

Language:JavaScriptApache-2.01022 24 58

regexploit

Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)

Language:PythonApache-2.0838 11 16

awesome-electronjs-hacking

A curated list of awesome resources about Electron.js (in)security

651 170

wsrepl

WebSocket REPL for pentesters

Language:Python226 3 2

Session-Hijacking-Visual-Exploitation

Session Hijacking Visual Exploitation

Language:JavaScript210 7 14

CSPTBurpExtension

CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.

Language:JavaApache-2.0153 5 2

CSPTPlayground

CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).

Language:JavaScriptApache-2.0145 3 1

safeurl

A Server Side Request Forgery (SSRF) protection library. Made with 🖤 by Doyensec LLC.

Language:GoApache-2.0107 3 3

PESD-Exporter-Extension

PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams

Language:JavaApache-2.0106 4 6

GQLSpection

GQLSpection - parses GraphQL introspection schema and generates possible queries

Language:PythonApache-2.094 2 17

Prototype-Pollution-Gadgets-Finder

Language:Python89 2 1

PoiEx

🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends

Language:TypeScript73 30

Unsafe-Unpacking

Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide

Language:HTML42 20

KSMBD-CVE-2025-37947

Blog Post: https://blog.doyensec.com/2025/10/08/ksmbd-3.html

Language:C1700

malicious-devfile-registry

Exploit for CVE-2024-0402 in Gitlab

Language:Dockerfile1300

burp-rest-api

REST/JSON API to the Burp Suite security tool.

Language:JavaBSD-2-Clause11 80

SSHNuke_info

SSH Nuke Info

Language:C11 10

db-race-conditions-playground

Database Race Condition Playground. Made with 🧡 by Doyensec LLC.

Language:JavaScript8 10

libajp13

AJPv1.3 Java Library

Language:JavaApache-2.04 90

vibecoding-djinn

Language:PythonMIT400

exploitable-IoT-solution

!Exploitable IoT Exploit

Language:C300

csharp_rand_py

Optimized C# `Random` for security testing

Language:Python200

outline

The fastest knowledge base for growing teams. Beautiful, realtime collaborative, feature packed, and markdown compatible.

NOASSERTION100

security-testbeds

Language:TclApache-2.0010

tsunami-security-scanner

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

Language:JavaApache-2.0010

tsunami-security-scanner-plugins

This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.

Language:JavaApache-2.0010

ComfyUI-tsunami-payload

Language:Python000

osv-scalibr

Language:GoApache-2.0000

ruby-unsafe-deserialization

Proof of Concepts for unsafe deserialization in Ruby

Language:RubyMIT000