Pinned Repositories
0wned
Code execution via Python package installation.
AD-Attack-Defense
Active Directory Security For Red & Blue Team
advisories
AndroidInterview-Q-A
The top Internet companies' Android interview questions and answers
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
awesome-appsec
A curated list of resources for learning about application security
Bella
A pure Python post-exploitation data mining tool and remote administration tool for macOS.
Docker-Secure-Deployment-Guidelines
Deployment checklist for securely deploying Docker
MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide a concise collection of high-value information on specific mobile application penetration testing topics.
public-pentesting-reports
Curated list of public penetration testing reports released by several consulting firms
0x13337's Repositories
0x13337/API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
0x13337/api-development-tools
A collection of useful resources for building RESTful HTTP+JSON APIs.
0x13337/awesome-devsecops
An authoritative list of awesome DevSecOps tools, built with help from community experiments and contributions.
0x13337/Burp-Non-HTTP-Extension
Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.
0x13337/cloud-ranges
A list of cloud ranges from different providers.
0x13337/cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
0x13337/covid-vaccine-booking
This very basic script can be used to automate COVID-19 vaccination slot booking on India's Co-WIN Platform.
0x13337/CVE-2020-5902
Proof of concept for CVE-2020-5902
0x13337/CVE-2021-21972
0x13337/django-cheat-sheet
A cheat sheet for creating web apps with the Django framework.
0x13337/exploit-workshop
A step-by-step workshop to exploit various vulnerabilities in Node.js and Java applications
0x13337/GFPGAN
GFPGAN aims at developing Practical Algorithms for Real-world Face Restoration.
0x13337/grafana-ssrf
Authenticated SSRF in Grafana
0x13337/hacker-container
Container with the full list of useful tools/commands for hacking Kubernetes clusters
0x13337/http-desync-guardian
Analyze HTTP requests to minimize risks of HTTP Desync attacks (precursor for HTTP request smuggling/splitting).
0x13337/IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
0x13337/naabu
A fast port scanner written in Go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests.
0x13337/nodebestpractices
The Node.js best practices list (November 2020)
0x13337/nuclei
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.
0x13337/parse-server
API server module for Node/Express
0x13337/proxify
Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.
0x13337/rsa_sign2n
Deriving RSA public keys from message-signature pairs
0x13337/ScoutSuite
Multi-Cloud Security Auditing Tool
0x13337/SecureCodingDojo
The Secure Coding Dojo is a platform for delivering secure coding training.
0x13337/slipstream
NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim’s NAT/firewall, just by the victim visiting a website.
0x13337/subfinder
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
0x13337/ThreatPlaybook
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
0x13337/toolbox-pentest-web
Docker toolbox for pentesting web-based applications.
0x13337/udemy-downloader-gui
A desktop application for downloading Udemy Courses
0x13337/what-happens-when
An attempt to answer the age-old interview question "What happens when you type google.com into your browser and press enter?"