Ricardo Iramar dos Santos's repositories

hsecscan

A security scanner for HTTP response headers.

Language: Python | License: GPL-2.0 | Stargazers: 290 | Issues: 33 | Issues: 9

h2rs

Detects request smuggling via HTTP/2 downgrades.

Language: Python | License: GPL-2.0 | Stargazers: 92 | Issues: 4 | Issues: 2

h2csmuggler-proxy

This script just implements a proxy over h2cSmuggler so you can navigate in your browser, making requests to the back-end server.

Language: Python | License: MIT | Stargazers: 38 | Issues: 3 | Issues: 0

pubkey-pin-android

Just another example for Android Public Key Pinning (based on OWASP example)

Language: Java | License: GPL-3.0 | Stargazers: 36 | Issues: 9 | Issues: 2

DesyncCL0

A simple tool to detect the vulnerabilities described here: https://portswigger.net/research/browser-powered-desync-attacks

Language: Python | License: GPL-2.0 | Stargazers: 34 | Issues: 4 | Issues: 1

SmuggleTP

A straightforward tool for exploiting SMTP Smuggling vulnerabilities.

Language: Python | License: GPL-3.0 | Stargazers: 10 | Issues: 0 | Issues: 0

bc2telegram

Simple script to report Burp Collaborator interactions to a Telegram bot chat.

Language: Shell | Stargazers: 8 | Issues: 3 | Issues: 0

headers

Python script to get all response headers from an Alexa top sites file and store them in a MySQL database.

Language: PHP | License: GPL-2.0 | Stargazers: 5 | Issues: 4 | Issues: 0

huebrchallenge01

This is my first web challenge called "HueBR Challenge 01".

Language: HTML | Stargazers: 5 | Issues: 3 | Issues: 0

h2csmuggler

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

Language: Python | License: MIT | Stargazers: 4 | Issues: 0 | Issues: 0

evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Language: Go | License: GPL-3.0 | Stargazers: 3 | Issues: 0 | Issues: 0

dnsobserver

A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack.

Language: Go | Stargazers: 2 | Issues: 2 | Issues: 0

knary

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark & Pushover support

Language: Go | License: GPL-3.0 | Stargazers: 2 | Issues: 2 | Issues: 0

waymore

Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!

Language: Python | License: MIT | Stargazers: 2 | Issues: 0 | Issues: 0

IE11xCORSxSOP

IE11 is not following CORS specification for local files

Language: HTML | Stargazers: 1 | Issues: 2 | Issues: 0

smuggler

Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3

Language: Python | License: MIT | Stargazers: 1 | Issues: 0 | Issues: 0

feroxbuster

A fast, simple, recursive content discovery tool written in Rust.

Language: Rust | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

Findsploit

Find exploits in local and online databases instantly

Language: Shell | License: NOASSERTION | Stargazers: 0 | Issues: 2 | Issues: 0

notify

Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.

Language: Go | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

poc_salesforce_lightning

Academic purposes only. Attack against Salesforce lightning with guest privilege.

Language: Python | License: AGPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

pocsuite3

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Language: Python | License: NOASSERTION | Stargazers: 0 | Issues: 0 | Issues: 0

scripts

General scripts that help me every day

Language: Shell | Stargazers: 0 | Issues: 2 | Issues: 0

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

Language: PHP | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

updatoo

updatoo is a bash script that performs a simple full (silent if you want) update of a Gentoo system.

Language: Shell | License: GPL-2.0 | Stargazers: 0 | Issues: 2 | Issues: 0

www-project-mobile-security-testing-guide

OWASP Foundation Web Repository

Language: Ruby | Stargazers: 0 | Issues: 2 | Issues: 0

www-project-secure-headers

OWASP Foundation Web Repository

Language: Ruby | Stargazers: 0 | Issues: 1 | Issues: 0

xorbreak

A Python script to break messages encrypted with simple XOR.

Language: Python | Stargazers: 0 | Issues: 2 | Issues: 0