Mathieu Déziel's repositories
Bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
check_mdi
Python script to enumerate valid Microsoft 365 domains, retrieve tenant name, and check for an MDI instance.
Damn-Vulnerable-Drone
Damn Vulnerable Drone is an intentionally vulnerable drone hacking simulator based on the popular ArduPilot/MAVLink architecture, providing a realistic environment for hands-on drone hacking.
dronesploit
Drone pentesting framework console
EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
Fooocus
Focus on prompting and generating
graphql-threat-matrix
GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations
graphw00f
graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
gungnir
CT Log Scanner
hl7magic
A Burp extension to allow for easy modification of HL7 messages sent to and from medical devices.
karma_v2
⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
nginx-ajp-docker
Create Nginx docker image with ajp module to use it as a proxy
nginx_ajp_module
support AJP protocol proxy with Nginx
NucleiGPT
Automated Nuclei Template Generation Tool
pentest-bookmarks
a collection of handy bookmarks
postMessage-tracker
A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
reverse-shell-generator
Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
sessionprobe
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
Smap
a drop-in replacement for Nmap powered by shodan.io
SSTImap
Automatic SSTI detection tool with interactive interface
SubDomainizer
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
TeleTracker
TeleTracker is a simple set of Python scripts designed for anyone investigating Telegram channels. It helps you send messages quickly and gather useful channel information easily.
tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
username-anarchy
Username tools for penetration testing
wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
WhatWeb
Next generation web scanner
xsser
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
XSStrike
Most advanced XSS scanner.