Dominique RIGHETTO's repositories
poc-graphql
Research on GraphQL from an AppSec point of view.
toolbox-pentest-web
Docker toolbox for pentesting web-based applications.
burp-piper-custom-scripts
Custom scripts for the PIPER Burp extension.
log-requests-to-sqlite
BURP extension to record every HTTP request sent via BURP and create an audit trail log of an assessment.
document-upload-protection
POC to protect a document upload application feature against "malicious" document submission.
website-passive-reconnaissance
Script to automate, when possible, the passive reconnaissance performed on a website prior to an assessment.
log4shell-analysis
Contains all my research and content produced regarding the log4shell vulnerability.
tls-cert-discovery
Script to identify new hosts using the subjectAltName (Subject Alternative Name) extension of an x509 HTTP TLS certificate.
powershell-android-utils
PowerShell module providing utility commands to manipulate an APK file on Windows.
toolbox-jwt
Docker toolbox with scripts for performing different kinds of attacks against JWT tokens.
robots-disallowed-dict-builder
Script generating a dictionary containing the most common DISALLOW clauses from the robots.txt files found on the CISCO Top 1 million sites.
log4shell-payload-grabber
Tool to try to retrieve the Java class used as dropper for the RCE in the context of the log4shell vulnerability.
Invoke-CreateModuleHelpFile
PowerShell function to create an HTML help file for a module and all its commands.
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
voxxeddays-lux-2018
Demonstration videos and presentation regarding the talk given at the VOXXED LU 2018 conference.
voxxeddays-lux-2022
Demonstration videos and presentation regarding the talk given at the VOXXED LU 2022 conference.
www-project-secure-headers
The OWASP Secure Headers Project
bchecks-library
Stores custom BCheck scripts created prior to proposing them to the BCheck PortSwigger repository.
oshp-stats
Stats about HTTP response security headers usage mentioned by the OSHP.
oshp-tracking
Repository used to freely organize the work on the OSHP projects.
oshp-validator
Venom test suite to validate an HTTP security response headers configuration against OSHP recommendations.
righettod.github.io
Redirection to personal website
timesheet-utils
Program that I used to know the number of working days and hours according to Luxembourg public holidays to fill my professional timesheet.
toolbox-regex
Toolbox to have a local instance of RegExr to create regex against sensitive/private content.