PikPikcU's starred repositories
Terrapin-Scanner
This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".
CVE-2024-27198-RCE
CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4
CVE-2024-23897
CVE-2024-23897
API-dnsdumpster.com
(Unofficial) Python API for https://dnsdumpster.com/
misconfig-mapper
Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets!
domloggerpp
A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.
smugglefuzz
A rapid HTTP downgrade smuggling scanner written in Go.
Fast-Google-Dorks-Scan
The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.
BloodHound.py
A Python based ingestor for BloodHound
django-DefectDojo
DevSecOps, ASPM, Vulnerability Management. All on one platform.
Th3inspector
Th3Inspector 🕵️ Best Tool For Information Gathering 🔎
BrowserBruter
BrowserBruter is a powerful web form fuzzing automation tool designed for web security professionals and penetration testers. This Python-based tool leverages Selenium and Selenium-Wire to automate web form fuzzing, making it easier to identify potential vulnerabilities in web applications.
HttpRemotingObjRefLeak
Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)
commonspeak2
Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists
FullBypass
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to DM if you find some bugs :)
Struts2-Scan
Struts2全漏洞扫描利用工具
static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.