righettod

Dominique RIGHETTO's repositories

poc-graphql

Research on GraphQL from an AppSec point of view.

Language:JavaMIT405 16 1

toolbox-pentest-web

Docker toolbox for pentest of web based application.

Language:PythonGPL-3.0130 9 33

burp-piper-custom-scripts

Custom scripts for the PIPER Burp extensions.

Language:PythonGPL-3.097 9 4

log-requests-to-sqlite

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

Language:JavaGPL-3.060 4 22

website-passive-reconnaissance

Script to automate, when possible, the passive reconnaissance performed on a website prior to an assessment.

Language:PythonGPL-3.034 3 21

powershell-android-utils

PowerShell module providing utility commands to manipulate a APK file on Windows

Language:PowerShellGPL-3.08 3 1

toolbox-jwt

Docker toolbox with different scripts having for the objective to perform different kinds of attacks against JWT tokens.

Language:DockerfileGPL-3.06 20

code-snippets-security-utils

Provides different utilities methods to apply processing from a security perspective.

Language:JavaGPL-3.0500

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

Language:PHPMIT2 20

Invoke-CreateModuleHelpFile

PowerShell function to create a HTML help file for a module and all it's commands.

Language:PowerShell1 20

nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Language:JavaScriptMIT1 10

param-miner

Language:JavaNOASSERTION1 10

pkcheck

Program brute forcing the passphrase of a private key

Language:GoGPL-3.01 30

sandbox

Provide network listeners during online training web challenges/labs.

Language:Shell1 30

toolbox-codescan

Customized toolbox to perform offline scanning of a code base.

Language:ShellGPL-3.0100

voxxeddays-lux-2018

Demonstration videos and presentation regarding the talk given at the VOXXED LU 2018 conference.

Language:JavaGPL-3.01 30

voxxeddays-lux-2022

Demonstration videos and presentation regarding the talk given at the VOXXED LU 2022 conference.

Language:PHPGPL-3.01 30

www-project-secure-headers

The OWASP Secure Headers Project

Language:PythonApache-2.01 10

BChecks

BChecks collection for Burp Suite Professional

LGPL-3.0010

bchecks-library

Store custom BCheck scripts created prior to propose them to the BCheck PortSwigger repository.

Language:PowerShellGPL-3.0020

oshp-stats

Stats about HTTP response security headers usage mentioned by the OSHP.

Language:PythonGPL-3.0010

oshp-tracking

Repository used to organize freely the work on the OSHP projects.

GPL-3.0010

oshp-validator

Venom tests suite to validate an HTTP security response headers configuration against OSHP recommendation.

Language:PythonGPL-3.0010

oshp.github.io

Language:CSS020

righettod.github.io

Redirection to personal website

Language:HTML030

rsa_sign2n

Deriving RSA public keys from message-signature pairs

GPL-3.0000

timesheet-utils

Program that I used to know the number of working days and hours according to Luxembourg public holidays to fill my professional timesheet.

Language:GoGPL-3.0020

toolbox-regex

Toolbox to have a local instance of RegExr to create regex against sensitive/private content.

Language:DockerfileGPL-3.0000

voxxeddays-lux-2016

Demonstration videos and presentation regarding the talk given at the VOXXED LU 2016 conference.

GPL-3.0000

voxxeddays-lux-2024

Demonstration videos and presentation regarding the talk given at the VOXXED LU 2024 conference.

Language:HTMLGPL-3.0000