ls4cfk

Aleksi Kistauri's starred repositories

STEWS

A Security Tool for Enumerating WebSockets

Language:PythonApache-2.030900

chainsaw

Rapidly Search and Hunt through Windows Forensic Artefacts

Language:RustGPL-3.0264100

the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.

Language:JavaApache-2.0401400

SQLbit

Just another script for automatize boolean-based blind SQL injections. (Demo)

Language:PythonGPL-3.05500

mariana-trench

A security focused static analysis tool for Android and Java applications.

Language:C++MIT106500

altdns

Generates permutations, alterations and mutations of subdomains and then resolves them

Language:PythonApache-2.0226900

WAD

Web application/technology detection tool

Language:PythonGPL-3.020500

vulnerable-AD

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

Language:PowerShellMIT192700

ppfuzz

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

Language:RustMIT56100

udcide

Android Malware Behavior Deleter

Language:PythonGPL-3.03200

ws-smuggler

WebSocket Connection Smuggler

Language:GoMIT4700

kube-hunter

Hunt for security weaknesses in Kubernetes clusters

Language:PythonApache-2.0467400

http2smugl

Language:GoUnlicense52800

kiterunner

Contextual Content Discovery Tool

Language:GoAGPL-3.0254100

medusa

Binary instrumentation framework based on FRIDA

Language:PythonGPL-3.0149600

Autowasp

BurpSuite Extension: A one-stop pen testing checklist and logger tool

Language:JavaMIT7200

autowasp

BurpSuite Extension: A one-stop pen testing checklist and logger tool

Language:JavaMIT25700

urlhunter

a recon tool that allows searching on URLs that are exposed via shortener services

Language:GoMIT148300

dnspy

Find subdomains and takeovers.

Language:PythonMIT8000

posta

🐙 Cross-document messaging security research tool powered by https://enso.security

Language:JavaScriptMIT27100

crlfuzz

A fast tool to scan CRLF vulnerability written in Go

Language:GoMIT126400

BugBountyScanner

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.

Language:ShellMIT83700

ohmybackup

Scan Victim Backup Directories & Backup Files

Language:GoGPL-2.017800

reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Language:ShellMIT548600

tiscripts

Turbo Intruder Scripts

Language:PythonMIT21100

leaky-paths

A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

90700