Aleksi Kistauri's starred repositories
automatic-api-attack-tool
Imperva's customizable API attack tool takes an API specification as input, then generates and runs attacks based on it as output.
avatarify-python
Avatars for Zoom, Skype and other video-conferencing apps.
php-exploit-scripts
A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.
Spring-Boot-Actuator-Exploit
Spring Boot Actuator (jolokia) XXE/RCE
android-afl
Fuzzing Android program with american fuzzy lop (AFL)
openvas-docker
A Docker container for OpenVAS
chaos-client
Go client to communicate with Chaos DB API.
BugBountyTemplate
A simple Cherry Tree template that can be used to organize bug bounties
py_django_crack
Crack the Django password on the way. By default Django uses the pbkdf2 and sha256 method to encrypt the user's password. Once you get the password stored in the database table, you need to compare it with others if brute-force cracking. It is recommended that you use hash table comparison. The tool 'rainbow crack' can generate rainbow hash tables, while another tool, 'hashcat', brute-force cracks passwords from a dictionary alive. Because Django uses PBKDF2 (Password-Based Key Derivation Function), it would take too long to generate a password.
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
MonitorControl
🖥 Control your display's brightness & volume on your Mac as if it was a native Apple Display. Use Apple Keyboard keys or custom shortcuts. Shows the native macOS OSDs.
docker-flask-example
A generic Python/Flask app with a Dockerfile
awesome-jenkins-rce-2019
There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
CTF-pwn-tips
Here I record some tips about pwn. Some things are obsolete and won't be updated. Sorry about that.
BugBounty_Profile
Recon_profile
Gf-Patterns
GF Patterns for (ssrf, RCE, Lfi, sqli, ssti, idor, url redirection, debug_logic, interesting Subs) parameters grep
XXE-OOB-Exploitation-Toolset-for-Automation
XXE OOB Exploitation Toolset for Automation