Soroush Dalili's repositories
IIS-ShortName-Scanner
latest version of scanners for IIS short filename (8.3) disclosure vulnerability
top10webseclist
Top Ten Web Hacking Techniques List
BurpSuiteSharpenerEx
This extension enhances Burp Suite by adding several UI and functional features, making it more user-friendly.
dnschef_updated
DNSChef - DNS proxy for Penetration Testers and Malware Analysts
JDBC-Attack
JDBC Connection URL Attack
privatecollaborator
A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
ysoserial.net
Deserialization payload generator for a variety of .NET formatters
Burp-Suite-Extender-Montoya-Course
This repository contains all the examples related to a series of tutorials that demonstrate how to use the new Montoya API of Burp Suite to create extensions that will greatly simplify our pentester lives.
BurpSuiteExtensionJavaTemplate
A Burp Suite Extension Template Which Uses Java
clairvoyance
Obtain GraphQL API schema even if the introspection is disabled
Conferences
Conference slides
DEFCON-31-Syscalls-Workshop
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
delete-older-releases
Github Action to delete older releases
h2csmuggler
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
release-action
An action which manages a github release
trufflehog
Find and verify credentials
vulnerable-node-app
A NoSQL Injectable Node App