Tools
- Automatic Server-Side Template Injection Detection and Exploitation Tool
- Automated Mongo database and NoSQL web application exploitation tool
- Record your screen, network traffic & JavaScript logs and screenshot sessions too
- [Awesome static analysis tools](https://github.com/mre/awesome-static-analysis)
- [Burp smartbuster, a smart content discovery tool](https://github.com/pathetiq/BurpSmartBuster)
- [BurpKit, next-gen plugin for Burp](https://github.com/allfro/BurpKit)
- [Burp plugin for missing/weak CSP directives](https://github.com/moloch--/CSP-Bypass)
- [Google CSP evaluator tool](https://csp-evaluator.withgoogle.com/)
- [Flash hacking tool from Cure53](https://github.com/cure53/Flashbang)
- [HTTP request generator in many languages - Burp plugin](https://github.com/h3xstream/http-script-generator)
- [Tool for finding second order XSS vulns](https://xsshunter.com/)
- [HTML5 XSS testing guide](https://github.com/cure53/H5SC)
- [Python script that gathers all info from Shodan about an IP](https://gist.github.com/achillean/f4bce0971b132f35d104a728d8d797f1)
- [SSO OpenID attack tool](https://n0where.net/single-sign-on-openid-attacker/)
- [Reflected file download checker Burp plugin](https://github.com/onurkarasalihoglu/Reflected-File-Download-Checker-BurpSuite-Plugin)
- [Detect regex DoS vulns in Android apps](https://github.com/olivo/redos-detector)
- [iOS security assessment tools](http://www.kitploit.com/2016/12/idb-ios-app-security-assessment-tool.html)