Wes Ladd's repositories
top10webseclist
Top Ten Web Hacking Techniques List
aws_public_ips
Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services
vhosts-sieve
Searching for virtual hosts among non-resolvable domains
CRLF-Injection-Scanner
Command line tool for testing CRLF injection on a list of domains.
AWS-Security-Assessment-Scripts
Bash scripts to check for security misconfigurations in AWS services
dotdotpwn
DotDotPwn - The Directory Traversal Fuzzer
azdevopssecurity
Security considerations and guidelines for Azure DevOps and Azure
PandorasBox
Security tool to quickly audit Public Box files and folders.
PhishingPretexts
A library of pretexts to use on offensive phishing engagements.
DanderSpritz_lab
A fully functional DanderSpritz lab in 2 commands
the-book-of-secret-knowledge
:zap: A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools and more. Especially for System and Network Administrators, DevOps, Pentesters or Security Researchers.
RedFile
A flask wsgi application that serves files with intelligence, good for serving conditional RedTeam payloads
gograbber
A horizontal and vertical web content enumerator
XSS-Payloads
List of XSS Vectors/Payloads
ssrf_proxy
SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.
quickstart-enterprise-accelerator-cis-benchmark
AWS Quick Start Team
EmbedInHTML
Embed and hide any file in an HTML file
hackable-slack-client
Inject CSS or JS into Slack, per-team.
EQGRP_Lost_in_Translation
Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg
ortbot
Open Red Team Bag of Tricks - Red Teaming and Pentesting cheat sheet and trick book
httpdiff
Perform the same request against two HTTP servers and diff the results
webshell
This is a webshell open source project