Giters
Shubs (infosec-au)

infosec-au

Geek Repo

1k

followers

200

following

527

stars

Company:Assetnote

Location:Australia

Home Page:https://shubs.io

Github PK Tool:Github PK Tool

Shubs's starred repositories

pure-sh-bible

📖 A collection of pure POSIX sh alternatives to external processes.

Language:ShellLicense:MITStargazers:6338Issues:94Issues:23

apk-mitm

🤖 A CLI application that automatically prepares Android APK files for HTTPS inspection

Language:TypeScriptLicense:MITStargazers:3553Issues:43Issues:140

cariddi

Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more

Language:GoLicense:GPL-3.0Stargazers:1389Issues:13Issues:60

legba

A multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷

Language:RustLicense:NOASSERTIONStargazers:1278Issues:12Issues:39

jsluice

Extract URLs, paths, secrets, and other interesting bits from JavaScript

Language:GoLicense:MITStargazers:1253Issues:13Issues:12

nuclei-wordfence-cve

The EXCLUSIVE Collection of 37,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.

Language:PythonStargazers:749Issues:14Issues:20

api_wordlist

A wordlist of API names for web application assessments

Stargazers:698Issues:14Issues:3

ShadowClone

Unleash the power of cloud

Language:PythonLicense:Apache-2.0Stargazers:655Issues:10Issues:45

rogue_mysql_server

A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.

Language:GoLicense:MITStargazers:644Issues:6Issues:11

shortscan

An IIS short filename enumeration tool

Language:GoLicense:MITStargazers:611Issues:6Issues:14

GadgetProbe

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

Language:JavaLicense:MITStargazers:570Issues:16Issues:1

WordList

Language:PHPStargazers:553Issues:11Issues:0

noir

Attack surface detector that identifies endpoints by static analysis

Language:CrystalLicense:MITStargazers:515Issues:11Issues:83

aws-security-survival-kit

Bare minimum AWS Security Alerting and Configuration

Language:MakefileLicense:GPL-3.0Stargazers:439Issues:18Issues:17

curlshell

reverse shell using curl

Language:PythonStargazers:430Issues:6Issues:0

PIPE

Prompt Injection Primer for Engineers

Stargazers:310Issues:8Issues:1

humanify

Deobfuscate Javascript code using ChatGPT

Language:TypeScriptLicense:MITStargazers:287Issues:7Issues:6

route-detect

Find authentication (authn) and authorization (authz) security bugs in web application routes.

Language:PythonLicense:BSD-3-ClauseStargazers:232Issues:2Issues:16

wapalyzer

🌐 Identify the technologies powering any website. This is a fork of the now deleted Wappalyzer project by @AliasIO and community.

Language:JavaScriptLicense:GPL-3.0Stargazers:222Issues:6Issues:4

grepmarx

A source code static analysis platform for AppSec enthusiasts.

Language:PythonLicense:MITStargazers:187Issues:6Issues:8

hackvertor

Language:JavaStargazers:147Issues:5Issues:98

graphicator

A GraphQL enumeration and extraction tool

Language:PythonLicense:MITStargazers:123Issues:3Issues:0

grepaddr

Use grepaddr to extract (grep) all kinds of addresses from stdin like URLs (incl. IPv4/IPv6), IP addresses & ranges (IPv4/IPv6), e-mail addresses, MAC addresses.

Language:PythonLicense:GPL-3.0Stargazers:60Issues:4Issues:1

EC2StepShell

EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.

Language:PythonLicense:MITStargazers:59Issues:0Issues:0

pyyso

pyyso is a Python package that generate java serialized poc. Including CommonsCollections1-7, JDK7u21, JDK8u20, ldap for jndi, shiro-550, CommonsBeanutils1 no cc, JRMPClient, high version JDK Bypass, Fake MySQL for JDBC attack

Language:PythonLicense:MITStargazers:48Issues:2Issues:0

nmapurls

Nmapurls parses Nmap xml reports from either piped input or command line arg and outputs a list of http(s) URL's to be used in an automation pipeline.

Language:GoLicense:GPL-3.0Stargazers:37Issues:1Issues:1

rsu-cracker

Language:RustStargazers:31Issues:0Issues:1

hot-jar-swapping-urlclassloader

Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes

Language:JavaStargazers:29Issues:5Issues:0

interactsh-client-python

Language:PythonLicense:MITStargazers:10Issues:2Issues:0

rate-limit-queue

An implementation of rate limited queues in Python, thread-safe, using only built-in components

Language:PythonStargazers:8Issues:1Issues:0