misc

Random stuff that I wrote long time ago:

csrf_plugin

POC for testing CSRF webapps. Is a burp plugin able to regenerate CSRF prevention tokens when doing automatic scans. This has not been adapted to the latest Burp's plugin API.

injection_CSRF

Tomcat 7 application featuring CSRF protection and with a simple SQLi vulnerability.

certlookup.py

certlookup is a tool for performing reverse IP lookups interrogating SSL servers for certificate's CN attribute. Handy when you have a bunch of web servers IPs and you don't know the web site name.

burpstrike

An old project trying to bring Proxystrike within burp suite. This has not been adapted to the latest Burp's plugin API.