slooppe's repositories
AtlasReaper
A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.
Awesome_Incident_Response
Awesome Incident Response
bitsadmin.github.io
Blog at the bitsadm.in domain
bruteforce-lists
Some files for bruteforcing certain things.
BucketLoot
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
copy-to-bcheck
BurpSuite extension to convert requests into bcheck scripts
ffufPostprocessing
Golang tool which helps dropping the irrelevant entries from your ffuf result file.
HARImporter
HAR importer
HBSQLI
Automated Tool for Testing Header Based Blind SQL Injection
htmlq
Like jq, but for HTML.
mantra
「🔑」A tool used to hunt down API key leaks in JS files and pages
MetadataPlus
A tool to use novel locations to extract metadata from Office documents.
noir
🖤 Discover all API and web page in the source code
page-fetch
Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pages and see the returned values
ParaForge
A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
power-pwn
An offensive and defensive security toolset for Microsoft 365 Power Platform
promptmap
automatically tests prompt injection attacks on ChatGPT instances
puff
Clientside vulnerability / reflected xss fuzzer
quivr
🧠 Dump all your files and chat with it using your Generative AI Second Brain using LLMs ( GPT 3.5/4, Private, Anthropic, VertexAI ) & Embeddings 🧠
route-detect
Find authentication (authn) and authorization (authz) security bugs in web application routes.
SharpSCCM
A C# utility for interacting with SCCM
shortscan
An IIS short filename enumeration tool
spraycharles
Low and slow password spraying tool, designed to spray on an interval over a long period of time
strelka
Real-time, container-based file scanning at enterprise scale
sysreptor
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
TeamsPhisher
Send phishing messages and attachments to Microsoft Teams users
TokenTactics
Azure JWT Token Manipulation Toolset
TokenTacticsV2
A fork of the great TokenTactics with support for CAE and token endpoint v2