Pinned Repositories
ActiveScanPlusPlus
ActiveScan++ Burp Suite Plugin
agartha
a burp extension for dynamic payload generation to detect injection flaws (LFI, RCE, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitations.
ATOR-Burp
Autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
bbFuzzing.txt
Bookmarks
A Burp Suite Extension to take back your repeater tabs
burp-add-to-sitemap-plusplus
burp-api-common
common methods that used by my burp extension projects
burp-auto-gql
A plugin for Burp Suite Pro that uses the GraphQL schema to begin Active Scanning the entire endpoint.
burp-extensions
Burp Extensions
EvCuQ4HgGJd74Lhz's Repositories
EvCuQ4HgGJd74Lhz/bbFuzzing.txt
EvCuQ4HgGJd74Lhz/application-security-handbook
A knowledge base of best practices for application security
EvCuQ4HgGJd74Lhz/Awesome-GPT-Agents
A curated list of GPT agents for cybersecurity
EvCuQ4HgGJd74Lhz/awesome-list
Cybersecurity oriented awesome list
EvCuQ4HgGJd74Lhz/BB-Writeups
Will share some interesting writeups here :)
EvCuQ4HgGJd74Lhz/bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
EvCuQ4HgGJd74Lhz/cariddi
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
EvCuQ4HgGJd74Lhz/cheat-sheets
A list of cheat sheets for application security
EvCuQ4HgGJd74Lhz/CloudPulse
A tool to curate compelling news on cloud technologies and cybersecurity. By aggregating information from RSS feeds and Reddit, it identifies the most noteworthy and impactful updates in the tech industry.
EvCuQ4HgGJd74Lhz/community-scripts
A set of open-source community scripts
EvCuQ4HgGJd74Lhz/CVE-2023-33733
CVE-2023-33733 reportlab RCE
EvCuQ4HgGJd74Lhz/cve-2023-50164-poc
Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")
EvCuQ4HgGJd74Lhz/domainim
A fast and comprehensive tool for organizational network scanning
EvCuQ4HgGJd74Lhz/f5-bigip-hardening-AS3
F5 Secure Cloud AS3 Examples
EvCuQ4HgGJd74Lhz/firefly
Black box fuzzer for web applications
EvCuQ4HgGJd74Lhz/ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
EvCuQ4HgGJd74Lhz/git-alerts
Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
EvCuQ4HgGJd74Lhz/gpt-crawler
Crawl a site to generate knowledge files to create your own custom GPT from a URL
EvCuQ4HgGJd74Lhz/heaptruffle
Mine URLs from Browser's Heap Snapshot for fun and profit
EvCuQ4HgGJd74Lhz/HogWarpLib
EvCuQ4HgGJd74Lhz/httpninja
HTTP.ninja
EvCuQ4HgGJd74Lhz/IIS-ShortName-Scanner
latest version of scanners for IIS short filename (8.3) disclosure vulnerability
EvCuQ4HgGJd74Lhz/MySecurityArticle
My Security Article space on GitHub dedicated to sharing insights, best practices, and discussions related to cybersecurity, ensuring safer code and applications.
EvCuQ4HgGJd74Lhz/pathbuster
A path-normalization pentesting tool using path replacements.
EvCuQ4HgGJd74Lhz/Preferred-Network-List-Sniffer
PNLS is a reconnaissance tool that captures and displays SSIDs from device's Preferred Network List.
EvCuQ4HgGJd74Lhz/sebel
a Go package that provides functionality for checking SSL/TLS certificates against malicious connections, by identifying and blacklisting certificates used by botnet command and control (C&C) servers.
EvCuQ4HgGJd74Lhz/top10webseclist
Top Ten Web Hacking Techniques List
EvCuQ4HgGJd74Lhz/Wordlists-webhack-1
EvCuQ4HgGJd74Lhz/wstg
The OWASP Web Security Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.
EvCuQ4HgGJd74Lhz/XSS-Bypass-Filters