RE:[ALT]ER's repositories
re-alter.github.io
[ RE:ALTER | SITE ]
re-alter
[ RE:ALTER | INFO ]
burp-awesome-tls
Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
bludit
Simple, Fast, Secure, Flat-File CMS
hacker101
Source code for Hacker101.com - a free online web and mobile security class.
wpts
WordPress Tiny Snippets
wireguard-manager
✔️ WireGuard-Manager allows you to effortlessly set up and manage your own VPN in under a minute.
semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
ffuf
Fast web fuzzer written in Go
S3Scanner
Scan for misconfigured S3 buckets across S3-compatible APIs!
Findomain
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
crypto-js
JavaScript library of crypto standards.
katana
A next-generation crawling and spidering framework.
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
ezXSS
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
javascript-obfuscator
A powerful obfuscator for JavaScript and Node.js
goop
Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.
fuxploider
File upload vulnerability scanner and exploitation tool.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
sqlmap
Automatic SQL injection and database takeover tool
RustScan
🤖 The Modern Port Scanner 🤖
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
DVWA
Damn Vulnerable Web Application (DVWA)
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
w3af
w3af: web application attack and audit framework, the open source web vulnerability scanner.
dirsearch
Web path scanner
wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites.
TypeShuffleAnimation
A shuffling type animation based on the effect seen on LCD 1.
Sublist3r
Fast subdomains enumeration tool for penetration testers
weevely3
Weaponized web shell